Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
lw2HMxuVuf.exe

Overview

General Information

Sample name:lw2HMxuVuf.exe
renamed because original name is a hash value
Original sample name:5c48490b288fbb3b9d7b17aebc15b0f76edc4339029cadf91b28113111c2b20b.exe
Analysis ID:1561836
MD5:d12d2a0f8909a768683f6c548205e955
SHA1:2fccbec13bc847741b7cdd85cbdd560af59d96e1
SHA256:5c48490b288fbb3b9d7b17aebc15b0f76edc4339029cadf91b28113111c2b20b
Tags:exeNineRiversSkyRoarCommitTradeCoLtduser-JAMESWT_MHT
Infos:

Detection

Score:42
Range:0 - 100
Whitelisted:false
Confidence:100%

Compliance

Score:35
Range:0 - 100

Signatures

Yara detected AntiVM3
Bypasses PowerShell execution policy
Contains functionality to infect the boot sector
Disables Windows system restore
Found stalling execution ending in API Sleep call
Query firmware table information (likely to detect VMs)
Reads the Security eventlog
Reads the System eventlog
Sigma detected: Script Interpreter Execution From Suspicious Folder
Tries to harvest and steal browser information (history, passwords, etc)
AV process strings found (often used to terminate AV products)
Allocates memory with a write watch (potentially for evading sandboxes)
Checks if the current process is being debugged
Connects to many different domains
Contains capabilities to detect virtual machines
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to launch a process as a different user
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates COM task schedule object (often to register a task for autostart)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates job files (autostart)
Creates or modifies windows services
Detected potential crypto function
Drops PE files
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found evasive API chain (may stop execution after accessing registry keys)
Found evasive API chain (may stop execution after checking a module file name)
Found evasive API chain checking for process token information
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
HTML page contains hidden javascript code
Is looking for software installed on the system
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains executable resources (Code or Archives)
PE file does not import any functions
Queries disk information (often used to detect virtual machines)
Queries information about the installed CPU (vendor, model number etc)
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: PSScriptPolicyTest Creation By Uncommon Process
Sigma detected: PowerShell Script Run in AppData
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection
Uses the system / local time for branch decision (may execute only at specific dates)

Classification

Process Tree

  • System is w10x64
  • lw2HMxuVuf.exe (PID: 4500 cmdline: "C:\Users\user\Desktop\lw2HMxuVuf.exe" MD5: D12D2A0F8909A768683F6C548205E955)
    • CCleaner64.exe (PID: 1272 cmdline: "C:\Program Files\CCleaner\CCleaner64.exe" /createSkipUAC MD5: 2C06EA7AA9BB892D84ADD917952FA262)
      • CCleanerCrashDump.exe (PID: 320 cmdline: "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 1272 --exception_ptr 0000007E054FD2C0 --thread_id 5744 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp" --comment "" --min_interval 60 MD5: A27D2E703C03AB74FE3CC5AF08365317)
        • conhost.exe (PID: 4308 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • CCUpdate.exe (PID: 6300 cmdline: "C:\Program Files\CCleaner\CCUpdate.exe" /reg MD5: 943A4F169E9A3303ED6DEFC1AC3690BD)
      • CCUpdate.exe (PID: 4220 cmdline: CCUpdate.exe /emupdater /applydll "C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll" MD5: 943A4F169E9A3303ED6DEFC1AC3690BD)
    • chrome.exe (PID: 4400 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 6948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,4752939339511443600,2295827606538063107,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • CCleaner64.exe (PID: 2992 cmdline: "C:\Program Files\CCleaner\CCleaner64.exe" MD5: 2C06EA7AA9BB892D84ADD917952FA262)
      • wa_3rd_party_host_32.exe (PID: 3056 cmdline: --pid=2992 MD5: 309BD294516051E34072A29FF7D96137)
        • conhost.exe (PID: 1380 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • wa_3rd_party_host_64.exe (PID: 3940 cmdline: --pid=2992 MD5: 0E11E9D3C16F6B0F59EC10488A36A415)
        • conhost.exe (PID: 6444 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • cmd.exe (PID: 6480 cmdline: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSD146.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSD147.tmp"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
          • conhost.exe (PID: 7068 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 7484 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" MD5: 04029E121A0CFA5991749937DD22A1D9)
  • CCUpdate.exe (PID: 1480 cmdline: "C:\Program Files\CCleaner\CCUpdate.exe" MD5: 943A4F169E9A3303ED6DEFC1AC3690BD)
  • CCleanerBugReport.exe (PID: 5912 cmdline: "C:\Program Files\CCleaner\CCleanerBugReport.exe" --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a" --version "6.30.11385" --silent MD5: 0CD1F5CAD7DFED152434BD6CDA8D5094)
    • conhost.exe (PID: 1524 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • CCleaner.exe (PID: 5400 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" 0 MD5: A2EE8E9ACC0C8F79953A42B213A9C201)
    • CCleaner64.exe (PID: 3276 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" 0 MD5: 2C06EA7AA9BB892D84ADD917952FA262)
      • CCleaner64.exe (PID: 760 cmdline: "C:\Program Files\CCleaner\CCleaner64.exe" /monitor MD5: 2C06EA7AA9BB892D84ADD917952FA262)
      • wa_3rd_party_host_32.exe (PID: 5620 cmdline: --pid=3276 MD5: 309BD294516051E34072A29FF7D96137)
        • conhost.exe (PID: 5796 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
      • wa_3rd_party_host_64.exe (PID: 6168 cmdline: --pid=3276 MD5: 0E11E9D3C16F6B0F59EC10488A36A415)
        • conhost.exe (PID: 1052 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • cmd.exe (PID: 4712 cmdline: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"" MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
          • conhost.exe (PID: 5708 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
          • powershell.exe (PID: 4304 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" MD5: 04029E121A0CFA5991749937DD22A1D9)
  • svchost.exe (PID: 6716 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • unsecapp.exe (PID: 5852 cmdline: C:\Windows\system32\wbem\unsecapp.exe -Embedding MD5: 9B782B1E1D7A2C28302755F963EAC907)
  • CCleaner64.exe (PID: 4432 cmdline: "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MD5: 2C06EA7AA9BB892D84ADD917952FA262)
  • CCleaner.exe (PID: 7484 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac MD5: A2EE8E9ACC0C8F79953A42B213A9C201)
    • CCleaner64.exe (PID: 728 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac MD5: 2C06EA7AA9BB892D84ADD917952FA262)
  • CCleaner64.exe (PID: 3736 cmdline: "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MD5: 2C06EA7AA9BB892D84ADD917952FA262)
  • CCleaner.exe (PID: 4416 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac MD5: A2EE8E9ACC0C8F79953A42B213A9C201)
    • CCleaner64.exe (PID: 7236 cmdline: "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac MD5: 2C06EA7AA9BB892D84ADD917952FA262)
      • CCleanerCrashDump.exe (PID: 4416 cmdline: "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 7236 --exception_ptr 0000005CCC9FD640 --thread_id 8100 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570997760611i-unhandled.mdmp" --comment "" --min_interval 60 MD5: A27D2E703C03AB74FE3CC5AF08365317)
    • conhost.exe (PID: 3424 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000000E.00000003.2795690252.000001479DB6B000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security
    0000000E.00000003.2789770376.000001479CAF6000.00000004.00000020.00020000.00000000.sdmpJoeSecurity_AntiVM_3Yara detected AntiVM_3Joe Security

      Sigma Signatures

      System Summary

      barindex
      Sigma detected: Script Interpreter Execution From Suspicious Folder
      Source: Process startedAuthor: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): Data: Command: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", CommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: --pid=3276, ParentImage: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe, ParentProcessId: 6168, ParentProcessName: wa_3rd_party_host_64.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", ProcessId: 4712, ProcessName: cmd.exe
      Sigma detected: Change PowerShell Policies to an Insecure Level
      Source: Process startedAuthor: frack113: Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , CommandLine|base64offset|contains: z), Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 4712, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , ProcessId: 4304, ProcessName: powershell.exe
      Sigma detected: CurrentVersion Autorun Keys Modification
      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR, EventID: 13, EventType: SetValue, Image: C:\Program Files\CCleaner\CCleaner64.exe, ProcessId: 760, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CCleaner Smart Cleaning
      Sigma detected: PSScriptPolicyTest Creation By Uncommon Process
      Source: File createdAuthor: Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe, ProcessId: 5620, TargetFilename: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cfn2fhoy.a3h.ps1
      Sigma detected: PowerShell Script Run in AppData
      Source: Process startedAuthor: Florian Roth (Nextron Systems), Jonhnathan Ribeiro, oscd.community: Data: Command: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", CommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: --pid=3276, ParentImage: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe, ParentProcessId: 6168, ParentProcessName: wa_3rd_party_host_64.exe, ProcessCommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", ProcessId: 4712, ProcessName: cmd.exe
      Sigma detected: Non Interactive PowerShell Process Spawned
      Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , CommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , CommandLine|base64offset|contains: z), Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp"", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 4712, ParentProcessName: cmd.exe, ProcessCommandLine: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" , ProcessId: 4304, ProcessName: powershell.exe
      Sigma detected: Windows Processes Suspicious Parent Directory
      Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 6716, ProcessName: svchost.exe

      Suricata Signatures

      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-24T12:15:32.175183+010020221121Exploit Kit Activity Detected192.168.2.550032104.244.42.195443TCP
      2024-11-24T12:15:32.343934+010020221121Exploit Kit Activity Detected192.168.2.550029172.66.0.227443TCP
      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-24T12:14:20.493543+010020283713Unknown Traffic192.168.2.54970834.117.223.223443TCP
      2024-11-24T12:14:23.800355+010020283713Unknown Traffic192.168.2.54971234.111.24.1443TCP
      2024-11-24T12:14:34.897637+010020283713Unknown Traffic192.168.2.54974334.117.223.223443TCP
      2024-11-24T12:14:36.684728+010020283713Unknown Traffic192.168.2.54974734.117.223.223443TCP
      2024-11-24T12:14:52.290002+010020283713Unknown Traffic192.168.2.54978334.117.223.223443TCP
      2024-11-24T12:14:52.821698+010020283713Unknown Traffic192.168.2.54978434.111.175.102443TCP
      2024-11-24T12:14:53.956588+010020283713Unknown Traffic192.168.2.54979034.117.223.223443TCP
      2024-11-24T12:14:54.070461+010020283713Unknown Traffic192.168.2.54979234.117.223.223443TCP
      2024-11-24T12:14:55.758801+010020283713Unknown Traffic192.168.2.54979834.117.223.223443TCP
      2024-11-24T12:14:57.727533+010020283713Unknown Traffic192.168.2.54980335.190.209.22443TCP
      2024-11-24T12:15:00.634198+010020283713Unknown Traffic192.168.2.54981035.190.209.22443TCP
      2024-11-24T12:15:01.631150+010020283713Unknown Traffic192.168.2.54981634.111.175.102443TCP
      2024-11-24T12:15:02.543479+010020283713Unknown Traffic192.168.2.54982534.117.223.223443TCP
      2024-11-24T12:15:05.550153+010020283713Unknown Traffic192.168.2.54984034.117.223.223443TCP
      2024-11-24T12:15:07.705146+010020283713Unknown Traffic192.168.2.54984934.117.223.223443TCP
      2024-11-24T12:15:07.747449+010020283713Unknown Traffic192.168.2.54985134.117.223.223443TCP
      2024-11-24T12:15:09.548315+010020283713Unknown Traffic192.168.2.54986234.117.223.223443TCP
      2024-11-24T12:15:09.601618+010020283713Unknown Traffic192.168.2.54986334.117.223.223443TCP
      2024-11-24T12:15:11.276399+010020283713Unknown Traffic192.168.2.54987234.117.223.223443TCP
      2024-11-24T12:15:11.774500+010020283713Unknown Traffic192.168.2.54987634.117.223.223443TCP
      2024-11-24T12:15:13.299940+010020283713Unknown Traffic192.168.2.54989434.117.223.223443TCP
      2024-11-24T12:15:13.558684+010020283713Unknown Traffic192.168.2.54989534.117.223.223443TCP
      2024-11-24T12:15:15.772878+010020283713Unknown Traffic192.168.2.54990934.117.223.223443TCP
      2024-11-24T12:15:17.553957+010020283713Unknown Traffic192.168.2.54991834.117.223.223443TCP
      2024-11-24T12:15:17.672534+010020283713Unknown Traffic192.168.2.54991934.117.223.223443TCP
      2024-11-24T12:15:19.236656+010020283713Unknown Traffic192.168.2.54993534.117.223.223443TCP
      2024-11-24T12:15:19.397979+010020283713Unknown Traffic192.168.2.54993634.117.223.223443TCP
      2024-11-24T12:15:21.009558+010020283713Unknown Traffic192.168.2.54995134.117.223.223443TCP
      2024-11-24T12:15:21.622050+010020283713Unknown Traffic192.168.2.54995334.117.223.223443TCP
      2024-11-24T12:15:24.226088+010020283713Unknown Traffic192.168.2.54996534.117.223.223443TCP
      2024-11-24T12:15:26.228074+010020283713Unknown Traffic192.168.2.54998134.117.223.223443TCP
      2024-11-24T12:15:27.103609+010020283713Unknown Traffic192.168.2.54999834.117.223.223443TCP
      2024-11-24T12:15:27.864202+010020283713Unknown Traffic192.168.2.55001334.117.223.223443TCP
      2024-11-24T12:15:28.010062+010020283713Unknown Traffic192.168.2.55001434.117.223.223443TCP
      2024-11-24T12:15:29.673355+010020283713Unknown Traffic192.168.2.55002334.117.223.223443TCP
      2024-11-24T12:15:29.811644+010020283713Unknown Traffic192.168.2.55002434.117.223.223443TCP
      2024-11-24T12:15:30.634205+010020283713Unknown Traffic192.168.2.55002634.117.223.223443TCP
      2024-11-24T12:15:32.414000+010020283713Unknown Traffic192.168.2.55003334.117.223.223443TCP
      2024-11-24T12:15:32.923527+010020283713Unknown Traffic192.168.2.55004234.117.223.223443TCP
      2024-11-24T12:15:33.142879+010020283713Unknown Traffic192.168.2.55004434.149.202.126443TCP
      2024-11-24T12:15:33.919580+010020283713Unknown Traffic192.168.2.55004534.117.223.223443TCP
      2024-11-24T12:15:34.888279+010020283713Unknown Traffic192.168.2.55005234.117.223.223443TCP
      2024-11-24T12:15:35.553981+010020283713Unknown Traffic192.168.2.55006034.117.223.223443TCP
      2024-11-24T12:15:35.554188+010020283713Unknown Traffic192.168.2.55006234.117.223.223443TCP
      2024-11-24T12:15:36.083309+010020283713Unknown Traffic192.168.2.55006434.117.223.223443TCP
      2024-11-24T12:15:37.394042+010020283713Unknown Traffic192.168.2.55007934.117.223.223443TCP
      2024-11-24T12:15:37.979868+010020283713Unknown Traffic192.168.2.55011034.117.223.223443TCP
      2024-11-24T12:15:39.095570+010020283713Unknown Traffic192.168.2.55012634.149.202.126443TCP
      2024-11-24T12:15:39.931648+010020283713Unknown Traffic192.168.2.55014134.117.223.223443TCP
      2024-11-24T12:15:41.706114+010020283713Unknown Traffic192.168.2.55018234.117.223.223443TCP
      2024-11-24T12:15:43.533406+010020283713Unknown Traffic192.168.2.55022634.117.223.223443TCP
      2024-11-24T12:15:44.337343+010020283713Unknown Traffic192.168.2.55023034.117.223.223443TCP
      2024-11-24T12:15:44.474840+010020283713Unknown Traffic192.168.2.55023134.117.223.223443TCP
      2024-11-24T12:15:45.848903+010020283713Unknown Traffic192.168.2.55026934.117.223.223443TCP
      2024-11-24T12:15:47.617318+010020283713Unknown Traffic192.168.2.55034534.117.223.223443TCP
      2024-11-24T12:15:47.666179+010020283713Unknown Traffic192.168.2.55035234.117.223.223443TCP
      2024-11-24T12:15:49.780606+010020283713Unknown Traffic192.168.2.55041634.117.223.223443TCP
      2024-11-24T12:15:52.373679+010020283713Unknown Traffic192.168.2.55047734.117.223.223443TCP
      2024-11-24T12:15:54.429532+010020283713Unknown Traffic192.168.2.55052734.117.223.223443TCP
      2024-11-24T12:15:57.433584+010020283713Unknown Traffic192.168.2.55059234.117.223.223443TCP
      2024-11-24T12:16:06.105400+010020283713Unknown Traffic192.168.2.55069734.117.223.223443TCP
      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
      2024-11-24T12:14:33.600633+010028032702Potentially Bad Traffic192.168.2.54973734.160.176.28443TCP
      2024-11-24T12:14:44.015240+010028032702Potentially Bad Traffic192.168.2.54976534.160.176.28443TCP
      2024-11-24T12:15:27.097517+010028032702Potentially Bad Traffic192.168.2.54998634.111.175.102443TCP
      2024-11-24T12:15:27.900917+010028032702Potentially Bad Traffic192.168.2.54999634.160.176.28443TCP
      2024-11-24T12:15:27.961162+010028032702Potentially Bad Traffic192.168.2.54999334.111.24.1443TCP
      2024-11-24T12:15:27.964605+010028032702Potentially Bad Traffic192.168.2.54999434.111.24.1443TCP
      2024-11-24T12:15:28.043288+010028032702Potentially Bad Traffic192.168.2.54999534.111.175.102443TCP
      2024-11-24T12:15:29.126656+010028032702Potentially Bad Traffic192.168.2.55001734.160.176.28443TCP
      2024-11-24T12:15:29.328141+010028032702Potentially Bad Traffic192.168.2.55001634.111.175.102443TCP
      2024-11-24T12:16:07.064540+010028032702Potentially Bad Traffic192.168.2.55069834.117.223.223443TCP

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: -----BEGIN PUBLIC KEY-----memstr_ed7bcb60-1
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: Base64 decoded: <svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="348.333px" height="348.333px" viewBox="0 0 348.333 348.334" style="enable-background:new 0 0 348.333 348.334;" xml:space="preserve"><g>...
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: Iframe src: https://symantec.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.ccleaner.com
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: Iframe src: https://td.doubleclick.net/td/ga/rul?tid=G-YG64G9XX0R&gacid=246986528.1732446933&gtm=45je4bk0v872524127za200zb9132702579&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=492160558
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: Iframe src: https://symantec.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.ccleaner.com
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: Iframe src: https://td.doubleclick.net/td/ga/rul?tid=G-YG64G9XX0R&gacid=246986528.1732446933&gtm=45je4bk0v872524127za200zb9132702579&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=492160558
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No favicon
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No favicon
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="author".. found
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="author".. found
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="author".. found
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="copyright".. found
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="copyright".. found
      Source: https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385HTTP Parser: No <meta name="copyright".. found

      Compliance

      barindex
      Uses 32bit PE files
      Source: lw2HMxuVuf.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Uses insecure TLS / SSL version for HTTPS connection
      Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49801 version: TLS 1.0
      Creates a directory in C:\Program Files
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleanerJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleaner.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleaner64.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCUpdate.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\LangJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1025.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1026.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1027.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1028.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1029.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1030.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1031.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1032.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1034.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1035.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1036.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1037.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1038.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1040.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1041.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1042.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1043.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1044.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1045.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1046.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1048.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1049.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1050.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1051.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1052.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1053.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1054.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1055.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1056.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1057.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1058.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1059.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1060.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1061.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1062.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1063.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1065.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1066.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1067.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1068.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1079.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1071.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1081.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1086.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1087.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1090.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1092.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1093.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1102.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1104.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1109.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1110.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1155.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2052.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2070.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2074.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-3098.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-5146.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-9999.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerDU.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizer.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerReactivator.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaheap.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwalocal.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaresource.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwautils.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwavmodapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerBugReport.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerCrashDump.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerReactivator.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\uninst.exeJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOGJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Setup\config.defJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\02cb0e58-d7f9-4650-aaa3-c382df995438.iniJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\9c909bc2-cad9-48a5-8b4a-a855a60d0635.xmlJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\log\DumpProcess.log.tmp.f53516a7-b1d4-4e35-9f9f-5bf19acd8d46Jump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmpJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\LOG\last.dumpJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeDirectory created: C:\Program Files\CCleaner\log\BugReport.log.tmp.dae51f4d-55cc-41f8-b071-6a014d36c644
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeDirectory created: C:\Program Files\CCleaner\log\BugReport.status
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdaterLib.log.tmp.accacbd3-aee6-455d-9f5d-9609fdf807c7
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdEng.log.tmp.62d78b02-53aa-4397-82ba-6f79541c1b50
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log.tmp.25e35e65-8152-4023-ad23-4ef6ff68a13b
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\journal
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\log
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\report
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\chest
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\moved
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\fw
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\event_manager.log.tmp.57b5a0f5-3c1f-4a68-8856-fdecb876f055
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\825E3DD4-926B-4EB9-A66E-9F88AAD28A0F
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\usercfg.ini
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\BackupStorage
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\203abf8c-03ea-4cb7-b490-fe04ea1c26bb
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_controller.log.tmp.528f08fa-e71c-4268-add3-1b0450e8eb1a
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_telemetry.log.tmp.3dbb3c72-b585-4e54-aa6e-48787f35bd13
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\825E3DD4-926B-4EB9-A66E-9F88AAD28A0F
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\2bab7519-4020-4dae-a822-3e7f39e8fa82
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_adapter.log.tmp.5669dd20-a121-429d-bc95-a17865357101
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\DUState.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-16-32-817.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\InitialDUState V24_2.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-17-08-263.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeDirectory created: C:\Program Files\CCleaner\LOG\pd.log.tmp.ecbf8d94-bb5d-46ed-abbb-da465ab5d3b8
      Creates a software uninstall entry
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CCleanerJump to behavior
      PE / OLE file has a valid certificate
      Source: lw2HMxuVuf.exeStatic PE information: certificate valid
      Uses secure TLS version for HTTPS connections
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49708 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49709 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:49710 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49712 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:49737 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49743 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49747 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49783 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49784 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49790 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49787 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49792 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49798 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 35.190.209.22:443 -> 192.168.2.5:49803 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 35.190.209.22:443 -> 192.168.2.5:49810 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49816 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49825 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49840 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:49839 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49849 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49851 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49862 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49863 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49872 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49876 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49894 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49895 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49895 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49909 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49918 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49919 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49935 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49936 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49951 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49953 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49965 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49981 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49986 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:49996 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49993 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49994 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49995 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49998 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50013 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50014 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:50017 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:50016 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50023 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50024 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50026 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50033 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50042 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.149.202.126:443 -> 192.168.2.5:50044 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50045 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50052 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50060 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50062 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50064 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50079 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50110 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.149.202.126:443 -> 192.168.2.5:50126 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50141 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50182 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50226 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:50229 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50230 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50231 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50269 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50345 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50352 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50416 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50477 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50508 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50527 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50592 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50697 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50698 version: TLS 1.2
      Contains modern PE file flags such as dynamic base (ASLR) or NX
      Source: lw2HMxuVuf.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Binary contains paths to debug symbols
      Source: Binary string: UxTheme.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: CLBCatQ.pdbr; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rsaenh.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winnsi.pdb`; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: bcrypt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ucrtbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemcomn.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: taskschd.pdbw; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfUI_link.pdb# source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: cryptsp.pdbo; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mskeyprotect.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msvcrt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winnsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cryptsp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: advapi32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\67d9289f94964a81\BUILDS\Release\x86\CCUpdate.pdb source: CCUpdate.exe, 00000007.00000000.2510072602.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000002.2527898318.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000000.2524315754.0000000000A34000.00000002.00000001.01000000.00000018.sdmp
      Source: Binary string: CLBCatQ.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: urlmon.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: schannel.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shlwapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: taskschd.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\work\848d668bab18d6e2\bin_x86\v142\Release Static\neutral\ServiceUninstaller_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2800041545.000000006A14B000.00000002.00000001.01000000.00000014.sdmp
      Source: Binary string: kernel32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2557982481.000001A4341F0000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: usp10.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleacc.pdb.A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: win32u.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: urlmon.pdb)A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: srvcli.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: imm32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gcapi_dll.dll.pdb| source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmp
      Source: Binary string: comdlg32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ws2_32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winspool.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mswsock.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: iphlpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: nsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: webio.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winmm.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cfgmgr32.pdb~; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: powrprof.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ole32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gcapi_dll.dll.pdb source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmp
      Source: Binary string: iertutil.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: imm32.pdb$A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msasn1.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\_av\BUILDS\Release\x86\emupdate.pdb source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfBL_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp
      Source: Binary string: C:\BUILD\work\8889074bed3874b9\bin\CCleaner\Release Static\x64\CCleaner64.pdb source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cfgmgr32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: combase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Windows.Storage.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\AvBugReport.pdb source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmp
      Source: Binary string: ncrypt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: secur32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: apphelp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rasadhlp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: UMPDC.pdbc; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: kernelbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: netutils.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfUI_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: UMPDC.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dhcpcsvc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rpcrt4.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: netutils.pdby; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fastprox.pdbe; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: schannel.pdbt; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleacc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shell32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: sspicli.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msvcp_win.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dnsapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\avDump.pdb source: CCleanerCrashDump.exe, 00000009.00000002.2559469510.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp, CCleanerCrashDump.exe, 00000009.00000000.2543417283.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp
      Source: Binary string: userenv.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\avDump.pdbG source: CCleanerCrashDump.exe, 00000009.00000002.2559469510.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp, CCleanerCrashDump.exe, 00000009.00000000.2543417283.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp
      Source: Binary string: winhttp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ntasn1.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdi32full.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdiplus.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dbghelp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdi32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: profapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dhcpcsvc6.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: WindowsCodecs.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dnsapi.pdbQ; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: WLDP.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: sechost.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dpapi.pdb;1 source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: propsys.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winhttp.pdbl; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fastprox.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemsvc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mstask.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ncryptsslp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\3ec84b7238d5b18a\BUILDS\Release\x86\AvastAdSDK_Release Static.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msctf.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: version.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dbgcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: user32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winmm.pdb'A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Kernel.Appcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fwpuclnt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cryptbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: bcryptprimitives.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfBL_link.pdb#@ source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp
      Source: Binary string: ntdll.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2557982481.000001A4341F0000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Amsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msctf.pdbj; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleaut32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dxgi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: apphelp.pdb.1 source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: comctl32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemprox.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: crypt32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServerJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\ElevationJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\ElevationJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandlerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServerJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\ElevationJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAsJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_CURRENT_USER_Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
      Source: C:\Program Files\CCleaner\CCleaner64.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CF00C __EH_prolog3_GS,FindFirstFileW,SetFileAttributesW,DeleteFileW,GetLastError,Sleep,FindNextFileW,SetFileAttributesW,RemoveDirectoryW,GetLastError,FindClose,7_2_009CF00C
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A25B9E FindFirstFileExW,7_2_00A25B9E
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009E0B37 __EH_prolog3_GS,FindFirstFileW,GetFileAttributesW,FindNextFileW,FindClose,7_2_009E0B37
      Source: unknownNetwork traffic detected: DNS query count 60
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49712 -> 34.111.24.1:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49708 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49783 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49790 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49784 -> 34.111.175.102:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49792 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49803 -> 35.190.209.22:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49825 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49810 -> 35.190.209.22:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49798 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49743 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49816 -> 34.111.175.102:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49840 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49851 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49863 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49849 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49862 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49747 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49872 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49876 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49894 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49895 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49909 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49935 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49919 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49936 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49951 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49965 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49953 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49981 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50013 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49918 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:49998 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50014 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50024 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50023 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50026 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50033 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50042 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50044 -> 34.149.202.126:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50052 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50062 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50045 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50060 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50079 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50110 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50064 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50126 -> 34.149.202.126:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50141 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50182 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50231 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50226 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50230 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50269 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50345 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50352 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50416 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50477 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50527 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50592 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:50697 -> 34.117.223.223:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49737 -> 34.160.176.28:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49765 -> 34.160.176.28:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49986 -> 34.111.175.102:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49996 -> 34.160.176.28:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49993 -> 34.111.24.1:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49995 -> 34.111.175.102:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:49994 -> 34.111.24.1:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:50017 -> 34.160.176.28:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:50016 -> 34.111.175.102:443
      Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.5:50029 -> 172.66.0.227:443
      Source: Network trafficSuricata IDS: 2022112 - Severity 1 - ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 2015 : 192.168.2.5:50032 -> 104.244.42.195:443
      Source: Network trafficSuricata IDS: 2803270 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UHCa : 192.168.2.5:50698 -> 34.117.223.223:443
      Source: unknownHTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49801 version: TLS 1.0
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 4.245.163.56
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: unknownTCP traffic detected without corresponding DNS query: 13.107.246.63
      Source: global trafficHTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /?p_elm=76&action=1&p_age=0&p_bau=0&p_bsls=0&p_chcc=2&p_chr=0&p_dvt=3&p_fds=172544&p_gis=0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_lid=en-CH&p_lng=en&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_osv=10.0&p_pro=90&p_sbi=0&p_scbu=0&p_tos=0&p_vbd=11385&p_vep=6&p_ves=30&p_wid=1675281926 HTTP/1.1Connection: Keep-AliveUser-Agent: Avast AntivirusHost: ipm-provider.ff.avast.com
      Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=GRl3eG9fkn88GgF&MD=UgZxxMnN HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_pro=90&p_osv=10.0&p_gksw=0&p_lng=en&p_lid=en-us HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: shepherd.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120644v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_pro=90&p_osv=10.0&p_gksw=0&p_lng=en&p_lid=en-us HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: shepherd.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule120645v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120647v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120646v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120648v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120649v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120653v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120652v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120654v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120655v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120656v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120658v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120659v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120657v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120660v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120662v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120661v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120664v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120663v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v2/info HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheUser-Agent: CCleaner Update AgentHost: ip-info.ff.avast.com
      Source: global trafficHTTP traffic detected: GET /rules/rule120665v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120666v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120668v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120667v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120669v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120670v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120671v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120672v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120673v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120674v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120676v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120675v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120677v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120678v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120679v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120680v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120681v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120682v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120602v10s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule120601v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v2/info HTTP/1.1Cache-Control: no-cacheConnection: Keep-AlivePragma: no-cacheUser-Agent: CCleaner Update AgentHost: ip-info.ff.avast.com
      Source: global trafficHTTP traffic detected: GET /rules/rule224901v11s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=GRl3eG9fkn88GgF&MD=UgZxxMnN HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
      Source: global trafficHTTP traffic detected: GET /rules/rule701250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700401v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700400v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703901v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/831b8ee0-e952-49a5-af6b-01382c722774.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703900v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/831b8ee0-e952-49a5-af6b-01382c722774.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703351v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1732446913141 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Content-Type: application/x-www-form-urlencodedAccept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703350v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703501v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703500v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701801v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701800v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=e429fa507a58432fa5e510cf4405a010&mboxPC=&mboxPage=022aa431307845d2a0697896603780bd&mboxRid=4ef1b8fbaa2444e8aafbdfba074c45d0&mboxVersion=1.8.3&mboxCount=1&mboxTime=1732428913249&mboxHost=www.ccleaner.com&mboxURL=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&mboxReferrer=&browserHeight=870&browserWidth=1017&browserTimeOffset=-300&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&country=us&language=en&pagename=ccleaner-v6-30-11385&at_property=74efb873-ee28-a71f-a807-f416259640d3&site_section=ccleaner&site_subsection=knowledge&mboxMCSDID=4523341CF3BE0AEE-41D4D261AA724F9B HTTP/1.1Host: symantec.tt.omtrdc.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1732446913141 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=87069833943671932313219418043970534423
      Source: global trafficHTTP traffic detected: GET /rules/rule701051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: symantec.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=87069833943671932313219418043970534423
      Source: global trafficHTTP traffic detected: GET /rules/rule702751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /m2/symantec/mbox/json?mbox=sym_global_mbox&mboxSession=e429fa507a58432fa5e510cf4405a010&mboxPC=&mboxPage=022aa431307845d2a0697896603780bd&mboxRid=4ef1b8fbaa2444e8aafbdfba074c45d0&mboxVersion=1.8.3&mboxCount=1&mboxTime=1732428913249&mboxHost=www.ccleaner.com&mboxURL=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&mboxReferrer=&browserHeight=870&browserWidth=1017&browserTimeOffset=-300&screenHeight=1024&screenWidth=1280&colorDepth=24&devicePixelRatio=1&screenOrientation=landscape&webGLRenderer=ANGLE%20(Google%2C%20Vulkan%201.3.0%20(SwiftShader%20Device%20(Subzero)%20(0x0000C0DE))%2C%20SwiftShader%20driver)&country=us&language=en&pagename=ccleaner-v6-30-11385&at_property=74efb873-ee28-a71f-a807-f416259640d3&site_section=ccleaner&site_subsection=knowledge&mboxMCSDID=4523341CF3BE0AEE-41D4D261AA724F9B HTTP/1.1Host: symantec.tt.omtrdc.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703401v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703400v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/01912753-8c21-7a17-883f-0a91a4e5ae8b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700501v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /wi/ytc.js HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700500v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701351v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/otCenterRounded.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /tags/563151391133/tag.js HTTP/1.1Host: www.mczbf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /api/mhubc.js HTTP/1.1Host: mstatic.ccleaner.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: at_check=true; AMCVS_67C716D751E567F70A490D4C%40AdobeOrg=1; AMCV_67C716D751E567F70A490D4C%40AdobeOrg=179643557%7CMCIDTS%7C20052%7CMCMID%7C86915098161613896303235469939112226982%7CMCAAMLH-1733051715%7C6%7CMCAAMB-1733051715%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1732454115s%7CNONE%7CvVersion%7C5.5.0; mbox=session#e429fa507a58432fa5e510cf4405a010#1732448778|PC#e429fa507a58432fa5e510cf4405a010.37_0#1795691718; avstperm=C0001%3A0%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0; sourceCodeCookie=999_a8k||source=direct|medium=(none)|campaign=(not set)|segmentCode=a; __trSrc=999_a8k; sdl_cid=1094632226.1732446919; _gcl_au=1.1.225519617.1732446920; __srcCookie=007_z8k||source=(Other)|medium=(none)|campaign=(not set)|segmentCode=z; pglpid=undefined
      Source: global trafficHTTP traffic detected: GET /b/ss/symanteccom/1/JS-2.22.0-LDQM/s18539589585813?AQB=1&ndh=1&pf=1&t=24%2F10%2F2024%206%3A15%3A21%200%20300&sdid=4523341CF3BE0AEE-41D4D261AA724F9B&mid=86915098161613896303235469939112226982&aamlh=6&ce=UTF-8&pageName=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&g=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cc=USD&server=norton&events=event69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&c8=D%3Dv163&c14=D%3Dv16&v18=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=ccleaner&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202024-10-07&c48=CCleaner%20v6.30.11385&v48=D%3Dc49&c49=knowledge&v49=D%3Dc48&v57=86915098161613896303235469939112226982&c59=ccleaner%3Aknowledge%3Accleaner-v6-30-11385&v59=D%3Dc59&v72=ccleaner&c75=D%3Dv57&v96=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385&v164=ccleaner%3A999_a&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1034&bh=870&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: oms.ccleaner.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: at_check=true; AMCVS_67C716D751E567F70A490D4C%40AdobeOrg=1; AMCV_67C716D751E567F70A490D4C%40AdobeOrg=179643557%7CMCIDTS%7C20052%7CMCMID%7C86915098161613896303235469939112226982%7CMCAAMLH-1733051715%7C6%7CMCAAMB-1733051715%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1732454115s%7CNONE%7CvVersion%7C5.5.0; mbox=session#e429fa507a58432fa5e510cf4405a010#1732448778|PC#e429fa507a58432fa5e510cf4405a010.37_0#1795691718; avstperm=C0001%3A0%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0%2CC0005%3A0; sourceCodeCookie=999_a8k||source=direct|medium=(none)|campaign=(not set)|segmentCode=a; __trSrc=999_a8k; sdl_cid=1094632226.1732446919; _gcl_au=1.1.225519617.1732446920; __srcCookie=007_z8k||source=(Other)|medium=(none)|campaign=(not set)|segmentCode=z; pglpid=undefined; s_nr=1732446921978-New; event69=event69; channelStack=s_eVar72~ccleaner; s_tbm=true; s_gpv=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385; s_gpv_custom=ccleaner%3Aknowledge%3Accleaner-v6-30-11385; s_cc=true
      Source: global trafficHTTP traffic detected: GET /rules/rule701350v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z0MKzAAAAHGmGQO- HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=87069833943671932313219418043970534423
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /unifiedPixel?au=false&bust=09954157885839694&referrer=&cht=ot&marketerId=001ac0827d67b7b38319c9517e7fa2f4cc&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5 HTTP/1.1Host: tr.outbrain.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyAttribution-Reporting-Eligible: trigger=navigation-sourceReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /wi/config/10180940.json HTTP/1.1Host: s.yimg.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://www.ccleaner.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v1/info HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ip-info.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule703000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /consent/831b8ee0-e952-49a5-af6b-01382c722774/01912753-8c21-7a17-883f-0a91a4e5ae8b/en.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/otCenterRounded.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /scripttemplates/6.36.0/assets/v2/otPcCenter.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /?p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0 HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: shepherd.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /?action=1&p_elm=0&p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0&p_lex=-1&p_ccgd=0&p_ccod=0&p_ccdb=0&p_pctn=0&p_iau=0&p_qcm=0&p_hcm=1&p_sum=1&p_ost=0&p_scr=1&p_fid=20241124 HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ipm-provider.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /?action=1&p_elm=229&p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0&p_lex=-1&p_ccgd=0&p_ccod=0&p_ccdb=0&p_pctn=0&p_iau=0&p_qcm=0&p_hcm=1&p_sum=1&p_ost=0&p_scr=1&p_fid=20241124 HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ipm-provider.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /v1/info HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ip-info.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /uwt.js HTTP/1.1Host: static.ads-twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /b/ss/symanteccom/1/JS-2.22.0-LDQM/s18539589585813?AQB=1&ndh=1&pf=1&t=24%2F10%2F2024%206%3A15%3A21%200%20300&sdid=4523341CF3BE0AEE-41D4D261AA724F9B&mid=86915098161613896303235469939112226982&aamlh=6&ce=UTF-8&pageName=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&g=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cc=USD&server=norton&events=event69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&c8=D%3Dv163&c14=D%3Dv16&v18=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=ccleaner&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202024-10-07&c48=CCleaner%20v6.30.11385&v48=D%3Dc49&c49=knowledge&v49=D%3Dc48&v57=86915098161613896303235469939112226982&c59=ccleaner%3Aknowledge%3Accleaner-v6-30-11385&v59=D%3Dc59&v72=ccleaner&c75=D%3Dv57&v96=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385&v164=ccleaner%3A999_a&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1034&bh=870&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1 HTTP/1.1Host: oms.ccleaner.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: at_check=true; AMCVS_67C716D751E567F70A490D4C%40AdobeOrg=1; AMCV_67C716D751E567F70A490D4C%40AdobeOrg=179643557%7CMCIDTS%7C20052%7CMCMID%7C86915098161613896303235469939112226982%7CMCAAMLH-1733051715%7C6%7CMCAAMB-1733051715%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1732454115s%7CNONE%7CvVersion%7C5.5.0; mbox=session#e429fa507a58432fa5e510cf4405a010#1732448778|PC#e429fa507a58432fa5e510cf4405a010.37_0#1795691718; sourceCodeCookie=999_a8k||source=direct|medium=(none)|campaign=(not set)|segmentCode=a; __trSrc=999_a8k; sdl_cid=1094632226.1732446919; _gcl_au=1.1.225519617.1732446920; __srcCookie=007_z8k||source=(Other)|medium=(none)|campaign=(not set)|segmentCode=z; pglpid=undefined; s_nr=1732446921978-New; event69=event69; channelStack=s_eVar72~ccleaner; s_tbm=true; s_gpv=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385; s_gpv_custom=ccleaner%3Aknowledge%3Accleaner-v6-30-11385; s_cc=true; avstperm=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+24+2024+06%3A15%3A24+GMT-0500+(Eastern+Standard+Time)&version=6.36.0&hosts=&consentId=7d48a426-7a11-45ab-8358-f0f1978a2c57&interactionCount=0&landingPath=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG232%3A1%2CC0004%3A1%2CC0005%3A1
      Source: global trafficHTTP traffic detected: GET /wi/ytc.js HTTP/1.1Host: s.yimg.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /?p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0 HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: shepherd.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule700750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v1/info HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ip-info.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule703451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=f0466fac-a653-4a79-868b-04f8676bc357&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1bd174fb-a78f-4078-9437-448582031ffa&tw_document_href=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ls7&type=javascript&version=2.3.31 HTTP/1.1Host: t.coConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=f0466fac-a653-4a79-868b-04f8676bc357&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1bd174fb-a78f-4078-9437-448582031ffa&tw_document_href=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ls7&type=javascript&version=2.3.31 HTTP/1.1Host: analytics.twitter.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /cachedClickId?marketerId=001ac0827d67b7b38319c9517e7fa2f4cc HTTP/1.1Host: tr.outbrain.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /adalyser.js?cid=ccleaner HTTP/1.1Host: c5.adalyser.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /bat.js HTTP/1.1Host: bat.bing.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /711037.gif?partner_uid=20038232-384c-4316-839d-646e1b28eccd HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /td/ga/rul?tid=G-YG64G9XX0R&gacid=246986528.1732446933&gtm=45je4bk0v872524127za200zb9132702579&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=492160558 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /c/hotjar-857043.js?sv=6 HTTP/1.1Host: static.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tracking/track/v3/p?stm=1732446933112&e=lce1&url=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cid=ccleaner&p=%7B%22et%22%3A1732446933109%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%221b678712-0cc8-486d-89d0-05e165f88b18%22%2C%22duid%22%3A%226a43d717-b772-42a5-badd-e897920af092%22%2C%22cw%22%3A1732446933109%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&domain=www.ccleaner.com HTTP/1.1Host: c5.adalyser.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /signals/config/2679475345708101?v=2.9.176&r=stable&domain=www.ccleaner.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 HTTP/1.1Host: connect.facebook.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /1000.gif?memo=CP2yKxIwCiwIARCl_gkaJDIwMDM4MjMyLTM4NGMtNDMxNi04MzlkLTY0NmUxYjI4ZWNjZBAAGg0I15WMugYSBQjoBxAAQgBKAA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=4O3GqXr0wiwus41xdBVgeySaSv5OKJjsacwPv7nhkl4=; pxrc=CAA=
      Source: global trafficHTTP traffic detected: GET /sp.pl?a=10000&d=Sun%2C%2024%20Nov%202024%2011%3A15%3A25%20GMT&n=5&b=CCleaner%20v6.30.11385&.yp=10180940&f=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&enc=UTF-8&yv=1.16.5&tagmgr=gtm%2Cadobe HTTP/1.1Host: sp.analytics.yahoo.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule702900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703850v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703601v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /modules.86621fa4aeada5bcf025.js HTTP/1.1Host: script.hotjar.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703851v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703600v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tr/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAttribution-Reporting-Eligible: event-source, trigger, not-navigation-sourceReferer: https://www.ccleaner.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703801v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703800v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703701v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703700v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703751v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703750v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704051v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704050v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=f0466fac-a653-4a79-868b-04f8676bc357&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1bd174fb-a78f-4078-9437-448582031ffa&tw_document_href=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ls7&type=javascript&version=2.3.31 HTTP/1.1Host: t.coConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: muc_ads=25f3b841-45cb-48a6-b59e-9071b88de6cb; __cf_bm=yLFGeSfoAWKrGQq18FlQttVx.yvgNuczc8oFxhEZlkU-1732446932-1.0.1.1-Da5R_X9JfmXgKB7loXsUHO0OG24QaBQgJQdp4xKWnweu5QLf.cUqD97wWrfxz7U.ICQyLRst1n00q6h7Z8LzbA
      Source: global trafficHTTP traffic detected: GET /ibs:dpid=411&dpuuid=Z0MKzAAAAHGmGQO- HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: demdex=87069833943671932313219418043970534423; dpm=87069833943671932313219418043970534423
      Source: global trafficHTTP traffic detected: GET /unifiedPixel?au=false&bust=09954157885839694&referrer=&cht=ot&marketerId=001ac0827d67b7b38319c9517e7fa2f4cc&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5 HTTP/1.1Host: tr.outbrain.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /i/adsct?bci=3&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=f0466fac-a653-4a79-868b-04f8676bc357&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1bd174fb-a78f-4078-9437-448582031ffa&tw_document_href=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ls7&type=javascript&version=2.3.31 HTTP/1.1Host: analytics.twitter.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: personalization_id="v1_N7fGwYhwKdk8ai2C9LmtZw=="
      Source: global trafficHTTP traffic detected: GET /cachedClickId?marketerId=001ac0827d67b7b38319c9517e7fa2f4cc HTTP/1.1Host: tr.outbrain.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule701700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702051v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702050v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /api/mhubc.js HTTP/1.1Host: mstatic.ccleaner.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: at_check=true; AMCVS_67C716D751E567F70A490D4C%40AdobeOrg=1; mbox=session#e429fa507a58432fa5e510cf4405a010#1732448778|PC#e429fa507a58432fa5e510cf4405a010.37_0#1795691718; sourceCodeCookie=999_a8k||source=direct|medium=(none)|campaign=(not set)|segmentCode=a; __trSrc=999_a8k; sdl_cid=1094632226.1732446919; _gcl_au=1.1.225519617.1732446920; __srcCookie=007_z8k||source=(Other)|medium=(none)|campaign=(not set)|segmentCode=z; pglpid=undefined; s_nr=1732446921978-New; event69=event69; channelStack=s_eVar72~ccleaner; s_tbm=true; s_gpv=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385; s_gpv_custom=ccleaner%3Aknowledge%3Accleaner-v6-30-11385; s_cc=true; avstperm=C0001%3A1%2CC0002%3A1%2CC0003%3A1%2CC0004%3A1%2CC0005%3A1; OptanonConsent=isIABGlobal=false&datestamp=Sun+Nov+24+2024+06%3A15%3A24+GMT-0500+(Eastern+Standard+Time)&version=6.36.0&hosts=&consentId=7d48a426-7a11-45ab-8358-f0f1978a2c57&interactionCount=0&landingPath=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&groups=C0001%3A1%2CC0003%3A1%2CC0002%3A1%2CBG232%3A1%2CC0004%3A1%2CC0005%3A1; cjConsent=MHxOfDB8Tnww; cjUser=20038232-384c-4316-839d-646e1b28eccd; cjLiveRampLastCall=2024-11-24T11:15:25.327Z; AMCV_67C716D751E567F70A490D4C%40AdobeOrg=179643557%7CMCIDTS%7C20052%7CMCMID%7C86915098161613896303235469939112226982%7CMCAAMLH-1733051715%7C6%7CMCAAMB-1733051715%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1732454115s%7CNONE%7CMCSYNCSOP%7C411-20059%7CvVersion%7C5.5.0; _ga_YG64G9XX0R=GS1.1.1732446932.1.0.1732446932.60.0.0; _ga=GA1.1.246986528.1732446933; __adal_ses=*; __adal_id=6a43d717-b772-42a5-badd-e897920af092.1732446933.1.1732446933.1732446933.1b678712-0cc8-486d-89d0-05e165f88b18; __adal_ca=so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29%26cg%3DDirect; __adal_cw=1732446933109; _fbp=fb.1.1732446936660.65224446665965545
      Source: global trafficHTTP traffic detected: GET /tags/563151391133/tag.js HTTP/1.1Host: www.mczbf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /563151391133/pageInfo HTTP/1.1Host: www.mczbf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703650v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703651v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /logos/static/powered_by_logo.svg HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /1000.gif?memo=CP2yKxIwCiwIARCl_gkaJDIwMDM4MjMyLTM4NGMtNDMxNi04MzlkLTY0NmUxYjI4ZWNjZBAAGg0I15WMugYSBQjoBxAAQgBKAA HTTP/1.1Host: idsync.rlcdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: rlas3=X1eD2AyWGZUus41xdBVgeySaSv5OKJjsacwPv7nhkl4=; pxrc=CNmVjLoGEgUI6AcQAA==
      Source: global trafficHTTP traffic detected: GET /en_US/fbevents.js HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /signals/config/2679475345708101?v=2.9.176&r=stable&domain=www.ccleaner.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 HTTP/1.1Host: connect.facebook.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /bat.js HTTP/1.1Host: bat.bing.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /c/hotjar-857043.js?sv=6 HTTP/1.1Host: static.hotjar.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /?action=1&p_elm=0&p_lng=en&p_lid=en-us&p_geo=US&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0&p_lex=-1&p_ccgd=0&p_ccod=0&p_ccdb=0&p_pctn=0&p_iau=0&p_qcm=0&p_hcm=1&p_sum=1&p_ost=0&p_scr=1&p_fid=20241124 HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: ipm-provider.ff.avast.comCache-Control: no-cacheCookie: ViewCounter_OTHER_CCLEANER=1732446927; ViewCounter_ipmb-12865=1732446927; ClientId=c1f2ec16-faa6-41ef-9c79-4d9f7f7d30b1; ViewCounter_ccleaner_en-ww_toaster-229-toaster-campaigns_ccleaner-cloud-cleaning-paid-free-90_default-20243001=1732446927
      Source: global trafficHTTP traffic detected: GET /adalyser.js?cid=ccleaner HTTP/1.1Host: c5.adalyser.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /tracking/track/v3/p?stm=1732446933112&e=lce1&url=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cid=ccleaner&p=%7B%22et%22%3A1732446933109%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%221b678712-0cc8-486d-89d0-05e165f88b18%22%2C%22duid%22%3A%226a43d717-b772-42a5-badd-e897920af092%22%2C%22cw%22%3A1732446933109%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&domain=www.ccleaner.com HTTP/1.1Host: c5.adalyser.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule700600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703151v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703951v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703150v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703950v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v4/receive/get/json/10?data=%7B%22record%22%3A%5B%7B%22event%22%3A%7B%22type%22%3A10%2C%22subtype%22%3A2%2C%22request_id%22%3A%2299d2cdc0-81c8-45c9-b62b-632bd0fee553%22%7D%2C%22identity%22%3A%7B%22guid%22%3A%22aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a%22%2C%22hwid%22%3A%221F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0%22%7D%2C%22product%22%3A%7B%22id%22%3A104%2C%22lang%22%3A%22en-us%22%2C%22version_app%22%3A%226.30.11385.mmm_ccl_012_999_a8k_m%22%2C%22build%22%3A11385%2C%22ipm_product%22%3A90%7D%2C%22platform%22%3A%7B%22version%22%3A%2210.0%22%2C%22lang%22%3A%22en-us%22%7D%2C%22license%22%3A%7B%22subscription_mode%22%3Afalse%2C%22stack%22%3A%22STACK_AVAST%22%2C%22gen_license%22%3A%7B%22state%22%3A%22EXPIRED%22%7D%7D%2C%22shepherd%22%3A%7B%7D%2C%22ab_test%22%3A%7B%7D%2C%22ipm%22%3A%7B%22common%22%3A%7B%22element%22%3A229%2C%22license_type%22%3A%22STANDARD%22%2C%22licensing_stage%22%3A%22LICENSED%22%2C%22installation_age%22%3A0%2C%22remaining_days_to_expiration%22%3A-1%2C%22flow_id%22%3A%2299d2cdc0-81c8-45c9-b62b-632bd0fee553%22%7D%2C%22content%22%3A%7B%22content_identifier%22%3A%22ccleaner%2Fen-ww%2Ftoaster-229-toaster-campaigns_ccleaner-cloud-cleaning-paid-free-90_default.html%22%2C%22content_type%22%3A%22SCREEN%22%2C%22screen_language%22%3A%22en%22%2C%22mamba_campaign%22%3A%22CCleanerCloudCleaningPaid%22%2C%22screen_name%22%3A%22toaster-229-toaster-campaigns_ccleaner-cloud-cleaning-paid-free-90_default%22%2C%22tracking%22%3A%5B%7B%22key%22%3A%22CampaignBusinessSource%22%2C%22value%22%3A%22Consumer%22%7D%2C%7B%22key%22%3A%22LicenseBusinessSource%22%2C%22value%22%3A%22NotSet%22%7D%5D%2C%22campaign_unique_key%22%3A%22ccleaner-cloud-cleaning-paid-90%22%2C%22brand%22%3A%22CCleaner%22%2C%22placement_type%22%3A%22toaster%22%2C%22message_name%22%3A%22free%22%7D%2C%22action%22%3A%7B%7D%7D%7D%5D%7D HTTP/1.1Accept: */*Accept-Language: en-CHUA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: analytics.ff.avast.comConnection: Keep-Alive
      Source: global trafficHTTP traffic detected: GET /rules/rule702850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700001v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700000v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /tr/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=GET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /sp.pl?a=10000&d=Sun%2C%2024%20Nov%202024%2011%3A15%3A25%20GMT&n=5&b=CCleaner%20v6.30.11385&.yp=10180940&f=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&enc=UTF-8&yv=1.16.5&tagmgr=gtm%2Cadobe HTTP/1.1Host: sp.analytics.yahoo.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: A3=d=AQABBNoKQ2cCEFAudPibrzlJujwabq63G0AFEgEBAQFcRGdMZ9xS0iMA_eMAAA&S=AQAAAjxU9K5ZYwqaB8_bY4aB9_s
      Source: global trafficHTTP traffic detected: GET /privacy_sandbox/pixel/register/trigger/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=FGET HTTP/1.1Host: www.facebook.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
      Source: global trafficHTTP traffic detected: GET /rules/rule703050v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703051v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701851v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701850v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700951v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702101v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702100v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700950v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703551v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703550v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702701v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702700v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701901v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /v4/receive/get/json/10?data={"record":[{"event":{"type":10,"subtype":2,"request_id":"4cb4da2a-423f-480f-a7e4-1539d39c2718"},"identity":{"guid":"aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a","hwid":"1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0"},"product":{"id":104,"lang":"en-us","version_app":"6.30.11385.mmm_ccl_012_999_a8k_m","build":11385,"ipm_product":90},"platform":{"version":"10.0","lang":"en-us"},"license":{"subscription_mode":false,"stack":"STACK_AVAST","gen_license":{"state":"EXPIRED"}},"shepherd":{},"ab_test":{},"ipm":{"common":{"element":0,"license_type":"STANDARD","licensing_stage":"LICENSED","installation_age":0,"remaining_days_to_expiration":-1,"flow_id":"4cb4da2a-423f-480f-a7e4-1539d39c2718"},"content":{"content_identifier":"ccleaner/en-ww/banner-0-banner-campaigns_ccleaner-cloud-cleaning-paid-free-banner-90_default.html","content_type":"SCREEN","screen_language":"en","mamba_campaign":"CCleanerCloudCleaningPaid","screen_name":"banner-0-banner-campaigns_ccleaner-cloud-cleaning-paid-free-banner-90_default","tracking":[{"key":"CampaignBusinessSource","value":"Consumer"},{"key":"LicenseBusinessSource","value":"NotSet"}],"campaign_unique_key":"ccleaner-cloud-cleaning-paid-90","brand":"CCleaner","placement_type":"banner","message_name":"free-banner"},"action":{}}}]} HTTP/1.1User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)Host: analytics.ff.avast.comCache-Control: no-cache
      Source: global trafficHTTP traffic detected: GET /rules/rule704001v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule704000v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701900v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702401v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702400v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701551v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701550v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700301v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700300v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702001v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702000v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702601v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702600v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703201v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703200v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700251v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700250v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703301v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule700650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule703300v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701751v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701750v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701651v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule701650v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702451v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: global trafficHTTP traffic detected: GET /rules/rule702450v1s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: the next 30 days.Welcome!CCleaner ActivationYou have unlocked the full power of CCleaner Professional. Enjoy!Your upgrade is complete.Thank you for purchasing CCleaner Professional.Popup/HealthCheck/PostAnalysis/UpgradedToProPopup/HealthCheck/PostAnalysis/UpgradedToTrialCCleaner Professional TrialOK*.ccleaner.com*.piriform.comaccounts.google.comwww.google.commail.netscape.comwebmail.earthlink.netyahoo.commail.yahoo.commy.screenname.aol.comwebmail.aol.com*.avast.com*.ccleanercloud.comlogin.live.comLatestICSwww.google.com/accountsmail.google.comgoogle.comgoogle.com/accountsscreenname.aol.comicloud.comfacebook.comaol.comservices.adobe.comtwitter.com5.41mail.lycos.comfastmail.fmauth.me.commail.rulogin.comcast.netovi.com/services/signinmail.aol.comwww.mail.lycos.comfile://CloudCleaning.htmopenCloudCleaningshowUpgradeDialogopenLearnMorePopup/CloudDriveCleaner/UpgradeShowOneDrivePopup/CloudDriveCleaner/CC Pro TrialIsFreeUserDataProblemScan For Issues + CancelregTrueScan For Issues/bkpregistry.txtCCScanreg.txtUsernameRegistry KeyFix selected issues...CToolsRegistryCtrl::SetControlsBackSelect allReg Files (*.reg)*.regcc_%d%02d%02d_%02d%02d%02d.reg, Drive: System.IO.File:GetDirectory() - FullPath: System.IO.File:GetDirectory() - DirectoryName after removing trailing slash : Piriform::IO::File::GetDirectory(App), Filename: , Directory: , Extension: System.IO.File:GetDirectory() - Error code returned from _tsplitpath_s: BRANDINGPiriform::CLicense::OnRegisterInvalid KeyExpiredActiveDisabled%s equals www.yahoo.com (Yahoo)
      Source: global trafficDNS traffic detected: DNS query: analytics.avcdn.net
      Source: global trafficDNS traffic detected: DNS query: ipm-provider.ff.avast.com
      Source: global trafficDNS traffic detected: DNS query: shepherd.ff.avast.com
      Source: global trafficDNS traffic detected: DNS query: service.piriform.com
      Source: global trafficDNS traffic detected: DNS query: license.piriform.com
      Source: global trafficDNS traffic detected: DNS query: ip-info.ff.avast.com
      Source: global trafficDNS traffic detected: DNS query: ncc.avast.com
      Source: global trafficDNS traffic detected: DNS query: emupdate.avcdn.net
      Source: global trafficDNS traffic detected: DNS query: ccleaner.tools.avcdn.net
      Source: global trafficDNS traffic detected: DNS query: winqual.sb.avast.com
      Source: global trafficDNS traffic detected: DNS query: www.ccleaner.com
      Source: global trafficDNS traffic detected: DNS query: www.google.com
      Source: global trafficDNS traffic detected: DNS query: cdn-production.ccleaner.com
      Source: global trafficDNS traffic detected: DNS query: cdn.cookielaw.org
      Source: global trafficDNS traffic detected: DNS query: dev.visualwebsiteoptimizer.com
      Source: global trafficDNS traffic detected: DNS query: s.go-mpulse.net
      Source: global trafficDNS traffic detected: DNS query: assets.adobedtm.com
      Source: global trafficDNS traffic detected: DNS query: geolocation.onetrust.com
      Source: global trafficDNS traffic detected: DNS query: dpm.demdex.net
      Source: global trafficDNS traffic detected: DNS query: symantec.tt.omtrdc.net
      Source: global trafficDNS traffic detected: DNS query: symantec.demdex.net
      Source: global trafficDNS traffic detected: DNS query: www.nortonlifelock.com
      Source: global trafficDNS traffic detected: DNS query: c.go-mpulse.net
      Source: global trafficDNS traffic detected: DNS query: cm.everesttech.net
      Source: global trafficDNS traffic detected: DNS query: static.ads-twitter.com
      Source: global trafficDNS traffic detected: DNS query: amplify.outbrain.com
      Source: global trafficDNS traffic detected: DNS query: s.yimg.com
      Source: global trafficDNS traffic detected: DNS query: mstatic.ccleaner.com
      Source: global trafficDNS traffic detected: DNS query: www.mczbf.com
      Source: global trafficDNS traffic detected: DNS query: oms.ccleaner.com
      Source: global trafficDNS traffic detected: DNS query: tr.outbrain.com
      Source: global trafficDNS traffic detected: DNS query: cdn-uat.ccleaner.com
      Source: global trafficDNS traffic detected: DNS query: download.avira.com
      Source: global trafficDNS traffic detected: DNS query: t.co
      Source: global trafficDNS traffic detected: DNS query: analytics.twitter.com
      Source: global trafficDNS traffic detected: DNS query: wave.outbrain.com
      Source: global trafficDNS traffic detected: DNS query: c5.adalyser.com
      Source: global trafficDNS traffic detected: DNS query: snap.licdn.com
      Source: global trafficDNS traffic detected: DNS query: driver-updater.ff.avast.com
      Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
      Source: global trafficDNS traffic detected: DNS query: static.hotjar.com
      Source: global trafficDNS traffic detected: DNS query: analytics.google.com
      Source: global trafficDNS traffic detected: DNS query: idsync.rlcdn.com
      Source: global trafficDNS traffic detected: DNS query: td.doubleclick.net
      Source: global trafficDNS traffic detected: DNS query: px.ads.linkedin.com
      Source: global trafficDNS traffic detected: DNS query: sp.analytics.yahoo.com
      Source: global trafficDNS traffic detected: DNS query: stats.g.doubleclick.net
      Source: global trafficDNS traffic detected: DNS query: script.hotjar.com
      Source: global trafficDNS traffic detected: DNS query: www.facebook.com
      Source: global trafficDNS traffic detected: DNS query: www.linkedin.com
      Source: global trafficDNS traffic detected: DNS query: 684d0d45.akstat.io
      Source: global trafficDNS traffic detected: DNS query: zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.com
      Source: global trafficDNS traffic detected: DNS query: s1.pir.fm
      Source: global trafficDNS traffic detected: DNS query: trial-eum-clientnsv4-s.akamaihd.net
      Source: global trafficDNS traffic detected: DNS query: trial-eum-clienttons-s.akamaihd.net
      Source: global trafficDNS traffic detected: DNS query: 8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net
      Source: global trafficDNS traffic detected: DNS query: siteintercept.qualtrics.com
      Source: global trafficDNS traffic detected: DNS query: baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.net
      Source: global trafficDNS traffic detected: DNS query: ipmcdn.avast.com
      Source: global trafficDNS traffic detected: DNS query: analytics.ff.avast.com
      Source: unknownHTTP traffic detected: POST /receive3 HTTP/1.1Connection: Keep-AliveContent-Type: application/x-enc-sbUser-Agent: Avast AntivirusContent-Length: 329Host: analytics.avcdn.net
      Source: global trafficHTTP traffic detected: HTTP/1.1 404 Not FoundContent-Length: 0Connection: closeDate: Sun, 24 Nov 2024 11:15:47 GMTX-Robots-Tag: noindex, nofollowX-Request-ID: 74590e39-aa55-11ef-80d5-cb47cf2d9396Server: nginxX-Cache: Error from cloudfrontVia: 1.1 6481f3b72e695f5d2b0b995611da44a2.cloudfront.net (CloudFront)X-Amz-Cf-Pop: BAH53-P2X-Amz-Cf-Id: bDiq7B1bURj8-rltkxWQ02YcodXDz3tpX6PH6ZjjkOAsSxP-MHGxaQ==
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://%s:%d;https=https://%s:%dHTTP/1.0%u.%u.%u.%u01234567890123456789abcdef0123456789ABCDEFCONOUT$
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://api.webrep.avast.com/avast_webrepapi://avast_domainreputation://avast_webrepipc://http://fra2
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0E
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootCA.crt0B
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertGlobalRootG2.crt0
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDCodeSigningCA.crt0
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2SecureServerCA-2.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288416809.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288318115.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270427153.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270319331.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293252543.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293376550.0000000006003000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293393367.0000000005FFD000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000005FF8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTLSRSASHA2562020CA1-1.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crt0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://cacerts.digicert.com/DigiCertTrustedRootG4.crt0C
      Source: CCUpdate.exe, 00000007.00000003.2571029060.0000000000D31000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D31000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update
      Source: CCUpdate.exe, 00000007.00000003.2570867815.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/20180205.dll
      Source: CCUpdate.exe, 00000007.00000003.2571029060.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571262365.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D15000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/20180205.dlli
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000D75000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D00000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate029.cab
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000D75000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D00000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate049.cab
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000D75000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D00000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate10.cab
      Source: CCUpdate.exe, 00000007.00000003.2571262365.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000008.00000002.2527630454.000000000073F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/patches.ini
      Source: CCUpdate.exe, 00000007.00000000.2510072602.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000002.2527898318.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000000.2524315754.0000000000A34000.00000002.00000001.01000000.00000018.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/patches.inihttp://ccleaner.tools.avcdn.net/too
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000008.00000002.2527630454.000000000073F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ccleaner.tools.avcdn.net/tools/ccleaner/update/updates.xml
      Source: CCUpdate.exe, 00000007.00000003.2533840644.0000000000D65000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2533803649.0000000000D31000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.m
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0z
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.sectigo.com/SectigoPublicTimeStampingRootR46.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0O
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl07
      Source: lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootCA.crl0=
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertGlobalRootG2.crl07
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288416809.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288318115.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270427153.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270319331.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293252543.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293376550.0000000006003000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293393367.0000000005FFD000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000005FF8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0S
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedG4RSA4096SHA256TimeStampingCA.crl0
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://crl3.digicert.com/DigiCertTrustedRootG4.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/DigicertSHA2SecureServerCA-1.crl0?
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/Omniroot2025.crl0
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-cs-g1.crl05
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootCA.crl00
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertGlobalRootG2.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288416809.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288318115.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270427153.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270319331.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293252543.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293376550.0000000006003000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293393367.0000000005FFD000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000005FF8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTLSRSASHA2562020CA1-4.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://crl4.digicert.com/DigiCertTrustedG4CodeSigningRSA4096SHA3842021CA1.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/DigicertSHA2SecureServerCA-1.crl0
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-cs-g1.crl0L
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingCAR36.crt0#
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: http://domrep.ff.avast.com/http://api.webrep.avast.com/avast_webrepapi://http://ui.ff.avast.com/avas
      Source: CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://emupdate.avcdn.net/
      Source: CCUpdate.exeString found in binary or memory: http://emupdate.avcdn.net/files/emupdate/pong.txt
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC0000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://emupdate.avcdn.net/files/emupdate/pong.txt32.dll
      Source: CCUpdate.exe, 00000007.00000000.2510072602.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000002.2527898318.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000000.2524315754.0000000000A34000.00000002.00000001.01000000.00000018.sdmpString found in binary or memory: http://emupdate.avcdn.net/files/emupdate/pong.txtAvEmUpdate
      Source: CCUpdate.exe, 00000008.00000002.2527630454.0000000000728000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://emupdate.avcdn.net/files/emupdate/pong.txtUT32.dll
      Source: CCUpdate.exe, 00000007.00000002.2688383482.0000000000D00000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://emupdate.avcdn.net/files/emupdate/pong.txts
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://files.avast.com/beta9x/avast_free_antivirus_setup_online.exeASWSig2A5549FF2866EA44F68D28FB2B1
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://files.avast.com/iavs9x/avast_premier_antivirus_setup_online.exeASWSig2A5FB1A9FDC683FA551EB348
      Source: CCUpdate.exeString found in binary or memory: http://honzik.avcdn.net/diffs/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avast-tu/beta/avast_cleanup_online_setup.exeASWSig2A1E3DD1C1B204ED89FD
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avast-tu/release/avast_cleanup_online_setup.exeASWSig2A4C1A1197A19B18F
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-av/release/avg_antivirus_free_online_setup.exeASWSig2A2D7E61EA63DA
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-av/release/avg_internet_security_online_setup.exeASWSig2A40170EEB1
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-bs/beta/avg_battery_saver_online_setup.exeASWSig2A4D178CA216002CE0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-bs/release/avg_battery_saver_online_setup.exeASWSig2A7E478FFFFFA84
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-tu/beta/avg_tuneup_online_setup.exeASWSig2A51F05E8C170B452F21205C3
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://honzik.avcdn.net/setup/avg-tu/release/avg_tuneup_online_setup.exeASWSig2A19497FDBA8D930F12196
      Source: CCUpdate.exeString found in binary or memory: http://honzik.avcdn.net/universe/
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://keys.backup.norton.com
      Source: CCleaner64.exe, 00000005.00000002.2560641566.00000197BC015000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ncc.avast.com/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2560641566.00000197BBFAA000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ncc.avast.com/ncc.txt
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ncc.avast.com/ncc.txtavast_activationcodefull://C-type
      Source: CCleaner64.exe, 00000005.00000002.2560641566.00000197BBFAA000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ncc.avast.com/ncc.txter
      Source: CCleaner64.exe, 00000005.00000002.2562103985.00000197BE450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ncc.avast.com:80/ncc.txtz
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000040A000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000000.2054490205.000000000040A000.00000008.00000001.01000000.00000003.sdmpString found in binary or memory: http://nsis.sf.net/NSIS_ErrorError
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ocsp.digicert.com0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0:
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ocsp.digicert.com0A
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmp, CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0C
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0H
      Source: lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288416809.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288318115.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270427153.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270319331.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293252543.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293376550.0000000006003000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293393367.0000000005FFD000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000005FF8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0I
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0N
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.digicert.com0O
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://ocsp.digicert.com0X
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ocsp.msocsp.com0S
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://ocsp.sectigo.com0
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://p%03d.sb.avast.com/V1/MD/Do
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: http://p%03d.sb.avast.com/V1/MD/avast_streambackraw_%03d://CommChannelAddr_StreambackGetBody
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: http://p%03d.sb.avast.com/V1/PD/Do
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://p%03d.sb.avast.com/V1/PD/avast_streambacksubmit_%03d://
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://p000.sb.avast.com/V1/PD/avast_streambackraw_000://https://auth-test.ff.avast.com/V1/REGavast_
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://program.avast.com/credit_monitor/avast_creditmonitor://avast_activationcodelegacy://https://a
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFL
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyright
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.avast.com0/
      Source: lw2HMxuVuf.exe, 00000000.00000003.2501478642.0000000005F26000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501048660.0000000006530000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/ccleaner
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_license?p=1&l=
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_license?p=1&l=1033&a=0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_privacy?p=1&l=
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_privacy?p=1&l=1033&a=0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=
      Source: lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0$j
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=02e
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0Bj
      Source: lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795310869.0000000003DDC000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0net4
      Source: lw2HMxuVuf.exe, 00000000.00000003.2765911965.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795396615.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0ts
      Source: lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0x
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.ccleaner.com/inapp/notificationsContent-Type:
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.ccleaner.comopen
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270251081.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288416809.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2294225394.000000000773A000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288318115.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270427153.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270319331.0000000005FFB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293252543.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293376550.0000000006003000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2293393367.0000000005FFD000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2275697474.0000000006002000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2288480612.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.digicert.com/CPS0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.digicert.com/CPS0~
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.gimp.org/xmp/
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.winimage.com/zLibDll
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: http://www.winimage.com/zLibDllNUL
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.zkysky.com.ar/This
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aefd.nelreports.net/api/report?cat=bingaotak
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aefd.nelreports.net/api/report?cat=bingrms
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aefd.nelreports.net/api/report?cat=wsb
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769284851.000000000549B000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2798101974.000000000549C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2798976484.0000000005F25000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2561649308.00000197BD9D6000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 0000000E.00000003.2754172633.0000014794623000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/
      Source: CCleaner64.exe, 0000000E.00000003.2754172633.0000014794623000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/(
      Source: CCleaner64.exe, 00000005.00000002.2562103985.00000197BE520000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/S
      Source: CCleaner64.exe, 0000000E.00000003.2754172633.0000014794623000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/ash
      Source: CCleaner64.exe, 00000005.00000002.2562103985.00000197BE450000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/dll
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798976484.0000000005F25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/om
      Source: CCleaner64.exe, 00000005.00000002.2561649308.00000197BD9D6000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2562103985.00000197BE45C000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/receive3
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/receive3H
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798976484.0000000005F25000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net/receive3r
      Source: CCleaner64.exe, 00000005.00000002.2562103985.00000197BE450000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2562103985.00000197BE4BD000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://analytics.avcdn.net:443/receive3
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.msn.com/v1/News/Feed/Windows?apikey=qrUeHGGYvVowZJuHA3XaH0uUvg1ZJ0GUZnXk3mxxPF&ocid=wind
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_FREE/platform_WIN/installertype_ONLINE/build
      Source: lw2HMxuVuf.exeString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_FREE/platform_WIN_AVG/installertype_ONLINE/b
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_ONE_FREE/platform_WIN/installertype_ONLINE/b
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_ONE_PRO/platform_WIN/installertype_ONLINE/bu
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://brain.jumpshot.com/avast/ss/jumpshot_silentscanresults2://https://brain.jumpshot.com/avast/s
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: https://brain.jumpshot.com/avast/ss/reportjumpshot_silentscanresults://https://brain.jumpshot.com/av
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://ccleaner.com/go/app_cc_acknowledgements
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://ccleaner.com/go/app_cc_license_agreement
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://ccleaner.com/go/app_cc_privacy_data_factsheet
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://ccleaner.com/go/app_cc_privacy_policy
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://ccleaner.com/go/app_cc_privacy_product_policy
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://curl.se/docs/alt-svc.html
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://curl.se/docs/hsts.html
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://curl.se/docs/http-cookies.html
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fp-vp.azureedge.net/apc/trans.gif?7e9591e308dbda599df1fc08720a72a3
      Source: lw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://fp-vp.azureedge.net/apc/trans.gif?c6a2869c584d2ea23c67c44abe1ec326
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://hns.sb.avast.com
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-atrk/release/avast_antitrack_online_setup.exeASWSig2A532CCF5ABF
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-bg/beta/avast_breach_guard_online_setup.exeASWSig2A6DF674D10553
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-bg/release/avast_breach_guard_online_setup.exeASWSig2A2457920CE
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-bs/beta/avast_battery_saver_online_setup.exeASWSig2A3A3BE3789E6
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-bs/release/avast_battery_saver_online_setup.exeASWSig2A072492C0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-du/beta/avast_driver_updater_online_setup.exeASWSig2A3CBDA28891
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-du/release/avast_driver_updater_online_setup.exeASWSig2A021F36B
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avast-vpn/release/avast_vpn_online_setup.exeASWSig2A06FCDABA5742BE662
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-atrk/release/avg_antitrack_online_setup.exeASWSig2A2B99C8EA31CB6D
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-bg/beta/avg_breach_guard_online_setup.exeASWSig2A56213C511B9A9241
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-bg/release/avg_breach_guard_online_setup.exeASWSig2A14AA13983E189
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-du/beta/avg_driver_updater_online_setup.exeASWSig2A667B4A5D8ECDBD
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-du/release/avg_driver_updater_online_setup.exeASWSig2A24A39E8D727
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://honzik.avcdn.net/setup/avg-vpn/release/avg_vpn_online_setup.exeASWSig2A27B1BBBA8E4138C4EDCFD
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://httphttpsasw.pancake.proto.Identityasw.pancake.proto.Productasw.pancake.proto.Settingsasw.pa
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/avg/beta9x/avg_internet_security_setup.exeASWSig2A7D77EF27F362060AF957E761
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/avg/iavs9x/avg_internet_security_setup.exeASWSig2A123D026AE3BEAC0AC7D4DC35
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/avg/iavs9x/avg_internet_security_setup.exeASWSig2A357ACEF8FE55D8ED7E2EA469
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/beta9x/avast_pro_antivirus_setup_online.exeASWSig2A579D90FED0C6441EE7B258F
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/iavs9x/avast_free_antivirus_setup_online.exeASWSig2A2EC0971AB07DE15C30023C
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://install.avcdn.net/iavs9x/avast_pro_antivirus_setup_online.exeASWSig2A03A4D7B0044FDD707267F64
      Source: CCUpdate.exe, CCUpdate.exe, 00000007.00000003.2534004735.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2533875197.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ip-info.ff.avast.com/v2/info
      Source: CCUpdate.exe, 00000007.00000000.2510072602.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000002.2527898318.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000000.2524315754.0000000000A34000.00000002.00000001.01000000.00000018.sdmpString found in binary or memory: https://ip-info.ff.avast.com/v2/infocountry
      Source: lw2HMxuVuf.exe, 00000000.00000003.2242932198.0000000003DB5000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2371999463.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2336816159.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2354021661.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2242833936.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipm-provider.ff.avast.com/?p_elm=76&action=1&p_age=0&p_bau=0&p_bsls=0&p_chcc=2&p_chr=0&p_dvt
      Source: lw2HMxuVuf.exe, 00000000.00000003.2242833936.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipm-static.avcdn.net/content-assets-prod/
      Source: lw2HMxuVuf.exe, 00000000.00000003.2242833936.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipmcdn.avast.com/images/
      Source: lw2HMxuVuf.exe, 00000000.00000003.2242932198.0000000003DB5000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2242833936.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ipmcdn.avast.com/images/Persistent-AuthWWW-AuthenticateVaryClientId=6cf3d2ac-bf28-4f57-80cd-
      Source: lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://license.piriform.com//
      Source: lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://license.piriform.com/0
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2795450593.0000000003DF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2765729980.0000000003DF5000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423261870.0000000005F1F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423373462.0000000003DFA000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://license.piriform.com/product/v1/installcheck?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://license.piriform.com/updateMozilla/4.0The
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: https://openid-stage.avast.comhttps://openid-stage.avg.comalpha-iqs-stage.ff.avast.comalpha-crap-sta
      Source: CCleaner64.exe, 00000005.00000002.2561649308.00000197BD988000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://openid.avast.com
      Source: CCleaner64.exe, 00000005.00000002.2561649308.00000197BD988000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://openid.avast.comp
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: https://openid.avg.commy-devices.avast.comalpha-rollout-service.ff.avast.comhttps://openid.avast.com
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://packet-responder.ff.avast.com:8443Vaar-VersionVaar-Header-Content-Type0application/jsonnetwo
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://piriform.zendesk.com/hc/en-us/articles/204043884-Using-CCleaner-s-Drive-Wiper
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://piriform.zendesk.com/hc/en-us/articles/218109957-How-do-I-manage-browser-plugins-
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://s-trackoff.avcdn.net/avg/trackoff/7854df286ff1c4e1f4d81d466f4a1b0243b39837ac99c5b98817907f76
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://s-trackoff.avcdn.net/trackoff/8ad1526a87b9617cf6dd677cdf9f87a0e3fd1555b6a8828d87ec2bef2850fa
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://sciter.com/docs/content/script/Array.htm
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://sciter.com/forums/topic/plus-custom-output-formatter-wont-work-if-they-are-written-in-htm/#p
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sectigo.com/CPS0
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://secure.ccleaner.com/502/uurl-90zu4qtn5p?x-source=833
      Source: lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://service.piriform.com/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://service.piriform.com/a
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://service.piriform.com/installcheck.aspx5.70.7909PrefsPrivacyShareData1stParty
      Source: lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DDC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://service.piriform.com/installcheck.aspx?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&a=0&e=
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000003.2440442999.0000000005F43000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/
      Source: lw2HMxuVuf.exe, 00000000.00000003.2353823942.0000000003E08000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423373462.0000000003DFA000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C493060833
      Source: lw2HMxuVuf.exe, 00000000.00000003.2371948448.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2336816159.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2765911965.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795396615.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2354021661.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/F?(e5
      Source: lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/Mozilla/4.0
      Source: lw2HMxuVuf.exe, 00000000.00000003.2371948448.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2336816159.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2765911965.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795396615.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2354021661.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/Y?
      Source: lw2HMxuVuf.exe, 00000000.00000003.2440442999.0000000005F43000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://shepherd.ff.avast.com/cO
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://submit.sb.avast.com
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://viruslab-samples.sb.avast.com
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://viruslab-samples.sb.avast.comhttps://submit.sb.avast.comhttps://hns.sb.avast.comhttps://winq
      Source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpString found in binary or memory: https://winqual.sb.avast.com
      Source: CCleanerBugReport.exe, 0000000B.00000003.2637778411.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2634530104.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2650423766.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2619892102.000001D24E877000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://winqual.sb.avast.com/.MD
      Source: CCleanerBugReport.exe, 0000000B.00000003.2637778411.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2623729160.000001D24E8D8000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2634530104.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2650423766.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2637114350.000001D24E8E7000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2619892102.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2661948121.000001D2503F0000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2612294281.000001D24E8D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://winqual.sb.avast.com/V1/MD
      Source: CCleanerBugReport.exe, 0000000B.00000003.2637778411.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2634530104.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2650423766.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2619892102.000001D24E877000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://winqual.sb.avast.com/p_
      Source: CCleanerBugReport.exe, 0000000B.00000003.2612294281.000001D24E8D8000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://winqual.sb.avast.com:443/V1/MD
      Source: CCleanerBugReport.exe, 0000000B.00000003.2637778411.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2634530104.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2650423766.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2619892102.000001D24E877000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://winqual.sb.avast.com:443/V1/MDMicrosoft
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.avast.com/lp-ppc-nbu-fav-cc
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/business
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/business/ccleaner-business-edition
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/ccleaner
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/ccleaner/browser
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/docs/ccleaner/ccleaner-settings/choosing-which-cookies-to-keep
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/docs/ccleaner/using-ccleaner/browser-cleaning
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/docs/ccleaner/using-ccleaner/managing-auto-starting-programs
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/docs/ccleaner/using-ccleaner/uninstalling-programs
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_activation_error
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_driver_update_failed
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_failedtoupdate0x6
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_get_updatehttps://license.piriform.com/updateMozilla/4.0cvtvolkmk
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_help_performance_optimizer
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_help_preloading
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_cc_help_schedule_setup?utm_source=ccleaner&utm_medium=application&ut
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_deactivated_help
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_du_support
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_du_survey
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_du_systemprotection
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_du_systemrestoreinfo
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_no_license_error
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_po_surveyContinueDemoViewSleepingProgramsPopup/PerformanceOptimizer/
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpString found in binary or memory: https://www.ccleaner.com/go/app_uninstall_surveyinfnan(ind)nannan(snan)infnan(ind)nannan(snan)infnan
      Source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.digicert.com/CPS0
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.gendigital.com/
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpString found in binary or memory: https://www.ssllabs.com/ssltest/viewMyClient.htmlEnter
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49986
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50733
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49984
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50735
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49983
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50734
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49740
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49982
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49981
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50736
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49980
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50738
      Source: unknownNetwork traffic detected: HTTP traffic on port 49932 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49898 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50693 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50211 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49738
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49737
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49979
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49977
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49734
      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49976
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49733
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49975
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50744
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49974
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49732
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50743
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49973
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50746
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49972
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49730
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50745
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49971
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50748
      Source: unknownNetwork traffic detected: HTTP traffic on port 50417 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49970
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50747
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50508
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50749
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50740
      Source: unknownNetwork traffic detected: HTTP traffic on port 49784 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50742
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50741
      Source: unknownNetwork traffic detected: HTTP traffic on port 50004 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49909 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50292 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49969
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49968
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49725
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49967
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49724
      Source: unknownNetwork traffic detected: HTTP traffic on port 50738 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49965
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49722
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49721
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49963
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50515
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49961
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49960
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50519
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50518
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50750
      Source: unknownNetwork traffic detected: HTTP traffic on port 50108 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50028 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50269 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49959
      Source: unknownNetwork traffic detected: HTTP traffic on port 50714 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
      Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49957
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49956
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49712
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49954
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49953
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49952
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49951
      Source: unknownNetwork traffic detected: HTTP traffic on port 49839 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49864 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49950
      Source: unknownNetwork traffic detected: HTTP traffic on port 50280 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50527
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50520
      Source: unknownNetwork traffic detected: HTTP traffic on port 49910 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50051 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49949
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49947
      Source: unknownNetwork traffic detected: HTTP traffic on port 49737 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
      Source: unknownNetwork traffic detected: HTTP traffic on port 50061 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
      Source: unknownNetwork traffic detected: HTTP traffic on port 49922 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49784
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49780
      Source: unknownNetwork traffic detected: HTTP traffic on port 49968 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50026 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49778
      Source: unknownNetwork traffic detected: HTTP traffic on port 50622 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50701
      Source: unknownNetwork traffic detected: HTTP traffic on port 49862 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
      Source: unknownNetwork traffic detected: HTTP traffic on port 50656 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49771
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
      Source: unknownNetwork traffic detected: HTTP traffic on port 50748 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49830 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49769
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50710
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49764
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50713
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
      Source: unknownNetwork traffic detected: HTTP traffic on port 50038 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50712
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50714
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50717
      Source: unknownNetwork traffic detected: HTTP traffic on port 49840 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49725 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49956 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50534 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49998
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49996
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50721
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49995
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50724
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49994
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50723
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49993
      Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50725
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50728
      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49934 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
      Source: unknownNetwork traffic detected: HTTP traffic on port 50036 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50573
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50572
      Source: unknownNetwork traffic detected: HTTP traffic on port 50632 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49769 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50712 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49900 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50108
      Source: unknownNetwork traffic detected: HTTP traffic on port 49837 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50109
      Source: unknownNetwork traffic detected: HTTP traffic on port 49872 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50352 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50343
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50104
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50103
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50345
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50587
      Source: unknownNetwork traffic detected: HTTP traffic on port 50289 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50673 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50128 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50592
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50111
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50110
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50352
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50113
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50597
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50112
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50596
      Source: unknownNetwork traffic detected: HTTP traffic on port 50374 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50598
      Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49986 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50213 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50128
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
      Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50127
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
      Source: unknownNetwork traffic detected: HTTP traffic on port 49952 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
      Source: unknownNetwork traffic detected: HTTP traffic on port 50442 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49792
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50126
      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50048 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49825 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50371
      Source: unknownNetwork traffic detected: HTTP traffic on port 49884 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49789
      Source: unknownNetwork traffic detected: HTTP traffic on port 50736 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49733 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50534
      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49894 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50697 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50444 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49919 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49954 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50014 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49721 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50046 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49882 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50141 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50734 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49976 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50724 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50024 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49860 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49998 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50569
      Source: unknownNetwork traffic detected: HTTP traffic on port 50372 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50565
      Source: unknownNetwork traffic detected: HTTP traffic on port 50746 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50290 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50002 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50675 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50054
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50053
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50295
      Source: unknownNetwork traffic detected: HTTP traffic on port 49789 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50056
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50055
      Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50057
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50059
      Source: unknownNetwork traffic detected: HTTP traffic on port 49961 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50061
      Source: unknownNetwork traffic detected: HTTP traffic on port 50286 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50060
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50063
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50062
      Source: unknownNetwork traffic detected: HTTP traffic on port 50343 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50045 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49732 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50064
      Source: unknownNetwork traffic detected: HTTP traffic on port 50652 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50240 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49869 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50057 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50078
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50077
      Source: unknownNetwork traffic detected: HTTP traffic on port 49892 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50079
      Source: unknownNetwork traffic detected: HTTP traffic on port 50515 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50699 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49847 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50733 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50572 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49870 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50079 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49983 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50023 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50018
      Source: unknownNetwork traffic detected: HTTP traffic on port 50527 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50019
      Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49951 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50010
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
      Source: unknownNetwork traffic detected: HTTP traffic on port 50055 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50014
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50013
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50015
      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49845 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50230 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50029
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50028
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50020
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50023
      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50025
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50024
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50266
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50269
      Source: unknownNetwork traffic detected: HTTP traffic on port 49780 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49879 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50026
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50030
      Source: unknownNetwork traffic detected: HTTP traffic on port 50677 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50468 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50743 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50039
      Source: unknownNetwork traffic detected: HTTP traffic on port 49995 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49928 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50032
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50031
      Source: unknownNetwork traffic detected: HTTP traffic on port 49857 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50596 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50033
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50036
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50038
      Source: unknownNetwork traffic detected: HTTP traffic on port 49764 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50280
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50041
      Source: unknownNetwork traffic detected: HTTP traffic on port 50104 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49973 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50446 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50721 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49730 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50033 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50043
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50285
      Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50042
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50045
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50287
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50044
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50286
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50047
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50289
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50046
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50288
      Source: unknownNetwork traffic detected: HTTP traffic on port 50375 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50650 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50049
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50048
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50290
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50050
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50292
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50291
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50052
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50051
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50293
      Source: unknownNetwork traffic detected: HTTP traffic on port 50126 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49792 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50598 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50741 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49912 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50649 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50018 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50077 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50053 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49981 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49924 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50728 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50031 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50043 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50345 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49740 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49867 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49865 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49941
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49940
      Source: unknownNetwork traffic detected: HTTP traffic on port 50229 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50112 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50158 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49936
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49935
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49934
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49933
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49932
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49931
      Source: unknownNetwork traffic detected: HTTP traffic on port 50008 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49971 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49936 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49928
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49924
      Source: unknownNetwork traffic detected: HTTP traffic on port 50625 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49922
      Source: unknownNetwork traffic detected: HTTP traffic on port 50751 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49921
      Source: unknownNetwork traffic detected: HTTP traffic on port 50063 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49877 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49914 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49919
      Source: unknownNetwork traffic detected: HTTP traffic on port 50519 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49918
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49917
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49914
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49912
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49911
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49910
      Source: unknownNetwork traffic detected: HTTP traffic on port 50041 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50520 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49909
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49908
      Source: unknownNetwork traffic detected: HTTP traffic on port 50692 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49906
      Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49993 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49901
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49900
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49865
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49864
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49863
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49862
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49860
      Source: unknownNetwork traffic detected: HTTP traffic on port 50508 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50749 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 50750 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49857
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
      Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50622
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50625
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
      Source: unknownNetwork traffic detected: HTTP traffic on port 50039 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50624
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50626
      Source: unknownNetwork traffic detected: HTTP traffic on port 49967 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
      Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49847
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49846
      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49845
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49708 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49709 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:49710 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49712 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:49737 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49743 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49747 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49783 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49784 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49790 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.5:49787 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49792 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49798 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 35.190.209.22:443 -> 192.168.2.5:49803 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 35.190.209.22:443 -> 192.168.2.5:49810 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49816 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49825 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49840 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.5:49839 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49849 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49851 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49862 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49863 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49872 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49876 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49894 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49895 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49895 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49909 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49918 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49919 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49935 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49936 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49951 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49953 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49965 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49981 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49986 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:49996 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49993 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:49994 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:49995 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:49998 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50013 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50014 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.5:50017 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.5:50016 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50023 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50024 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50026 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50033 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50042 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.149.202.126:443 -> 192.168.2.5:50044 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50045 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50052 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50060 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50062 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50064 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50079 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50110 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.149.202.126:443 -> 192.168.2.5:50126 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50141 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50182 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50226 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.5:50229 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50230 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50231 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50269 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50345 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50352 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50416 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50477 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50508 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50527 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50592 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50697 version: TLS 1.2
      Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.5:50698 version: TLS 1.2

      Spam, unwanted Advertisements and Ransom Demands

      barindex
      Reads the Security eventlog
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\PowerShell
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\PowerShell
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security\PowerShell
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Security
      Reads the System eventlog
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\PowerShell
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\PowerShell
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeKey opened: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CE1E7 __EH_prolog3_catch_GS,GetSystemTime,GetCurrentProcessId,CreateFileW,GetLastError,Sleep,GetLastError,WriteFile,WriteFile,WriteFile,WriteFile,GetFileSizeEx,NtSetInformationFile,OutputDebugStringW,CloseHandle,7_2_009CE1E7
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669F3B4C0 GetModuleHandleW,GetProcAddress,NtQueryInformationProcess,GetCurrentProcess,NtQueryInformationProcess,9_2_00007FF669F3B4C0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: 0_2_6B74CFD0: GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle,0_2_6B74CFD0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D1DEA __EH_prolog3,CreateProcessW,CreateEnvironmentBlock,CreateProcessAsUserW,GetLastError,WaitForSingleObject,GetExitCodeProcess,DestroyEnvironmentBlock,CloseHandle,CloseHandle,CloseHandle,7_2_009D1DEA
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Windows\Tasks\CCleanerCrashReporting.jobJump to behavior
      Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F11B07_2_009F11B0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009EC2207_2_009EC220
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F34D07_2_009F34D0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009E94107_2_009E9410
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009E49047_2_009E4904
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009B30807_2_009B3080
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F00DD7_2_009F00DD
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0E0F27_2_00A0E0F2
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FA0707_2_009FA070
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C02837_2_009C0283
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A202227_2_00A20222
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A272647_2_00A27264
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F92707_2_009F9270
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C43B77_2_009C43B7
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009B73A07_2_009B73A0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FC3307_2_009FC330
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C14877_2_009C1487
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FA4B07_2_009FA4B0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A214DA7_2_00A214DA
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0E4577_2_00A0E457
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C257B7_2_009C257B
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FE8B07_2_009FE8B0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FD8107_2_009FD810
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009ED9A07_2_009ED9A0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009FE9A07_2_009FE9A0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009BF91B7_2_009BF91B
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009DD93E7_2_009DD93E
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F9AA07_2_009F9AA0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009BDBDD7_2_009BDBDD
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0DDAA7_2_00A0DDAA
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A18D287_2_00A18D28
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A1AD107_2_00A1AD10
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009F9D207_2_009F9D20
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009EEE107_2_009EEE10
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009EFFC07_2_009EFFC0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C0F367_2_009C0F36
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669F0C4009_2_00007FF669F0C400
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A0AD4589_2_00007FF66A0AD458
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669F089B09_2_00007FF669F089B0
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669F0B1E09_2_00007FF669F0B1E0
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A0AC1E09_2_00007FF66A0AC1E0
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669EF1F209_2_00007FF669EF1F20
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A0AF7BC9_2_00007FF66A0AF7BC
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669EF20AB9_2_00007FF669EF20AB
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: String function: 00007FF669F14AB0 appears 58 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 00A06B60 appears 58 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 00A1C919 appears 37 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 009CE1D8 appears 199 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 009CE6CC appears 96 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 00A06992 appears 135 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 00A0F9D3 appears 81 times
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: String function: 00A069C5 appears 43 times
      Source: lang-1032.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1032.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1032.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1034.dll.0.drStatic PE information: Resource name: RT_STRING type: 0420 Alliant virtual executable not stripped
      Source: lang-1036.dll.0.drStatic PE information: Resource name: RT_STRING type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.109
      Source: lang-1036.dll.0.drStatic PE information: Resource name: RT_STRING type: 0421 Alliant compact executable not stripped
      Source: lang-1038.dll.0.drStatic PE information: Resource name: RT_STRING type: basic-16 executable not stripped
      Source: lang-1043.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 pure executable not stripped
      Source: lang-1043.dll.0.drStatic PE information: Resource name: RT_STRING type: 0421 Alliant compact executable not stripped
      Source: lang-1045.dll.0.drStatic PE information: Resource name: RT_STRING type: 370 XA sysV executable not stripped
      Source: lang-1046.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 executable not stripped
      Source: lang-1048.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1048.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1050.dll.0.drStatic PE information: Resource name: RT_STRING type: iAPX 286 executable large model (COFF) not stripped
      Source: lang-1051.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1053.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1026.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM)
      Source: lang-1026.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1029.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1032.dll0.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1032.dll0.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1032.dll0.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1034.dll0.0.drStatic PE information: Resource name: RT_STRING type: 0420 Alliant virtual executable not stripped
      Source: lang-1055.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1056.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1057.dll.0.drStatic PE information: Resource name: RT_STRING type: 370 sysV pure executable not stripped
      Source: lang-1057.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM)
      Source: lang-1057.dll.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1058.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM)
      Source: lang-1058.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 executable not stripped - version 4
      Source: lang-1060.dll.0.drStatic PE information: Resource name: RT_STRING type: iAPX 286 executable small model (COFF) not stripped
      Source: lang-1060.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 separate I&D executable not stripped
      Source: lang-1060.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 pure executable not stripped
      Source: lang-1063.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1063.dll.0.drStatic PE information: Resource name: RT_STRING type: x86 executable (TV) not stripped
      Source: lang-1063.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1065.dll.0.drStatic PE information: Resource name: RT_STRING type: x86 executable (TV) not stripped
      Source: lang-1065.dll.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1036.dll0.0.drStatic PE information: Resource name: RT_STRING type: MIPSEB-LE MIPS-III ECOFF executable not stripped - version 0.109
      Source: lang-1036.dll0.0.drStatic PE information: Resource name: RT_STRING type: 0421 Alliant compact executable not stripped
      Source: lang-1038.dll0.0.drStatic PE information: Resource name: RT_STRING type: basic-16 executable not stripped
      Source: lang-1043.dll0.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 pure executable not stripped
      Source: lang-1043.dll0.0.drStatic PE information: Resource name: RT_STRING type: 0421 Alliant compact executable not stripped
      Source: lang-1045.dll0.0.drStatic PE information: Resource name: RT_STRING type: 370 XA sysV executable not stripped
      Source: lang-1066.dll.0.drStatic PE information: Resource name: RT_STRING type: 0421 Alliant compact executable not stripped
      Source: lang-1081.dll.0.drStatic PE information: Resource name: RT_STRING type: x86 executable not stripped
      Source: lang-1081.dll.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM)
      Source: lang-1086.dll.0.drStatic PE information: Resource name: RT_STRING type: MIPSEB-LE MIPS-II ECOFF executable not stripped - version 0.108
      Source: lang-1046.dll0.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 executable not stripped
      Source: lang-1048.dll0.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1048.dll0.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1050.dll0.0.drStatic PE information: Resource name: RT_STRING type: iAPX 286 executable large model (COFF) not stripped
      Source: lang-1051.dll0.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1053.dll0.0.drStatic PE information: Resource name: RT_STRING type: DOS executable (COM, 0x8C-variant)
      Source: lang-1055.dll0.0.drStatic PE information: Resource name: RT_STRING type: PDP-11 demand-paged pure executable not stripped
      Source: lang-1056.dll0.0.drStatic PE information: Resource name: RT_STRING type: VAX-order2 68k Blit mpx/mux executable
      Source: lang-1054.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1050.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1041.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1056.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1035.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1038.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1053.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1044.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1026.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1050.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1081.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1090.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1032.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1042.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1087.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1063.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1092.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1034.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1049.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1040.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1036.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1028.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1034.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1086.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1040.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1053.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1057.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1046.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1062.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1045.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1056.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1051.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1043.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1068.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1027.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1079.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1037.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1041.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1052.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1067.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1058.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1055.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1052.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1044.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1043.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1046.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1049.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1061.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1055.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1060.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1031.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1037.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1066.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1054.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1025.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1048.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1038.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1029.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1045.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1032.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1036.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1051.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1071.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1030.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1065.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1042.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1035.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lang-1059.dll.0.drStatic PE information: No import functions for PE file found
      Source: lang-1048.dll0.0.drStatic PE information: No import functions for PE file found
      Source: lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameButtonEvent.dllR vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenamepfUI.dll* vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2860356752.000000006C63B000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: OriginalFilenamepfBL.dll* vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpBinary or memory string: OriginalFilenameAvastAdSDK_Release Static.dll@ vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798976484.0000000005F15000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameccleaner.exe2 vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2764951451.0000000005F37000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameccleaner.exe2 vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2799288435.0000000005F37000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameccleaner.exe2 vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameAvastAdSDK_Release Static.dll@ vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameButtonEvent.dllR vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2803313882.000000006B5CD000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: OriginalFilenamepfUI.dll* vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2800303822.000000006A168000.00000002.00000001.01000000.00000014.sdmpBinary or memory string: OriginalFilenameServiceUninstaller.dllF vs lw2HMxuVuf.exe
      Source: lw2HMxuVuf.exeStatic PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
      Source: classification engineClassification label: mal42.spyw.evad.winEXE@75/464@185/41
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D1D1B GetCurrentThread,OpenThreadToken,OpenThreadToken,GetLastError,GetLastError,ImpersonateSelf,GetLastError,OpenThreadToken,LookupPrivilegeValueW,AdjustTokenPrivileges,GetLastError,CloseHandle,7_2_009D1D1B
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: 0_2_6B749230 GetDiskFreeSpaceExW,0_2_6B749230
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D4221 __EH_prolog3_align,VariantInit,CoCreateInstance,VariantClear,VariantClear,CoCreateInstance,7_2_009D4221
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009B9C9A LoadResource,LockResource,SizeofResource,7_2_009B9C9A
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D206A OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,QueryServiceStatus,QueryServiceStatusEx,ControlService,ControlService,Sleep,QueryServiceStatus,OpenProcess,TerminateProcess,CloseHandle,Sleep,StartServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,7_2_009D206A
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleanerJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\RX3GZ0SR.txtJump to behavior
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_SystemTraySingleIcon
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1524:120:WilError_03
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_Monitoring
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_MainInstance
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:6444:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:3424:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:4308:120:WilError_03
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeMutant created: \Sessions\1\BaseNamedObjects\Global\AvastBugReport-F44FD5F2-ED43-485f-8A66-041B81E21AC2
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:7068:120:WilError_03
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_PreventSecondInstance
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_SystemTrayMonitorIconActive
      Source: C:\Program Files\CCleaner\CCUpdate.exeMutant created: \Sessions\1\BaseNamedObjects\Global\CCleanerSetupMutex
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1380:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:1052:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5708:120:WilError_03
      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:5796:120:WilError_03
      Source: C:\Program Files\CCleaner\CCleaner64.exeMutant created: \Sessions\1\BaseNamedObjects\Piriform_CCleaner_SystemTrayIconActive
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsq31DE.tmpJump to behavior
      Source: lw2HMxuVuf.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : select name,processid,commandline,executablepath from win32_process
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecNotificationQuery - root\cimv2 : SELECT ProcessID FROM Win32_ProcessTrace WHERE __CLASS = &apos;Win32_ProcessStartTrace&apos; OR __CLASS = &apos;Win32_ProcessStopTrace&apos;
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile read: C:\Users\desktop.iniJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
      Source: lw2HMxuVuf.exe, 00000000.00000002.2802761039.000000006B239000.00000008.00000001.01000000.0000000B.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: UPDATE %Q.sqlite_master SET tbl_name = %Q, name = CASE WHEN type='table' THEN %Q WHEN name LIKE 'sqliteX_autoindex%%' ESCAPE 'X' AND type='index' THEN 'sqlite_autoindex_' || %Q || substr(name,%d+18) ELSE name END WHERE tbl_name=%Q COLLATE nocase AND (type='table' OR type='index' OR type='trigger');
      Source: lw2HMxuVuf.exe, 00000000.00000002.2802761039.000000006B239000.00000008.00000001.01000000.0000000B.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: INSERT INTO %Q.sqlite_master VALUES('index',%Q,%Q,#%d,%Q);
      Source: lw2HMxuVuf.exeString found in binary or memory: Config-NameCCleaner_cc-ui-launch-in-the-background_cloud-cleaning-tools_distribution---driver-updater_distribution---google-drive-debug_distribution---hc-add-results-flow_hcv2-rollout_distribution---notification-centre_distribution---opswatsoftwareupdater_dist
      Source: lw2HMxuVuf.exeString found in binary or memory: Config-NameCCleaner_cc-ui-launch-in-the-background_cloud-cleaning-tools_distribution---driver-updater_distribution---google-drive-debug_distribution---hc-add-results-flow_hcv2-rollout_distribution---notification-centre_distribution---opswatsoftwareupdater_dist
      Source: lw2HMxuVuf.exeString found in binary or memory: ttps://service.piriform.com/installcheck.aspx?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&a=0&e=0&n=lw2HMxuVuf.exe&id=003&mk=PH
      Source: lw2HMxuVuf.exeString found in binary or memory: OptimizationTargetPrediction,OptimizationHints --start-maximized --load-extension=C:\Windows\crx --single-argument http://www.ccle
      Source: lw2HMxuVuf.exeString found in binary or memory: https://license.piriform.com/product/v1/installcheck?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&a=0&e=0&n=lw2HMxuVuf.exe&id=00
      Source: lw2HMxuVuf.exeString found in binary or memory: expressvpn-browser-helper.exe
      Source: lw2HMxuVuf.exeString found in binary or memory: productfamily_HMA/insttype_PRO/platform_WIN/installertype_ONLINE/build_RELEASE
      Source: lw2HMxuVuf.exeString found in binary or memory: productfamily_BATTERY_SAVER/insttype_PRO/platform_WIN/installertype_ONLINE/build_RELEASE/trialid_mmm_ccl_prm_005_814_m
      Source: lw2HMxuVuf.exeString found in binary or memory: productfamily_KAMO/insttype_PRO/platform_WIN/installertype_ONLINE/build_RELEASE
      Source: lw2HMxuVuf.exeString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_FREE/platform_WIN_AVG/installertype_ONLINE/build_RELEASE
      Source: lw2HMxuVuf.exeString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_FREE/platform_WIN/installertype_ONLINE/build_RELEASE
      Source: lw2HMxuVuf.exeString found in binary or memory: https://bits.avcdn.net/productfamily_ANTIVIRUS/insttype_ONE_FREE/platform_WIN/installertype_ONLINE/build_RELEASE
      Source: CCUpdate.exeString found in binary or memory: /installer
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile read: C:\Users\user\Desktop\lw2HMxuVuf.exeJump to behavior
      Source: unknownProcess created: C:\Users\user\Desktop\lw2HMxuVuf.exe "C:\Users\user\Desktop\lw2HMxuVuf.exe"
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /createSkipUAC
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCUpdate.exe "C:\Program Files\CCleaner\CCUpdate.exe" /reg
      Source: unknownProcess created: C:\Program Files\CCleaner\CCUpdate.exe "C:\Program Files\CCleaner\CCUpdate.exe"
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleanerCrashDump.exe "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 1272 --exception_ptr 0000007E054FD2C0 --thread_id 5744 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp" --comment "" --min_interval 60
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleanerBugReport.exe "C:\Program Files\CCleaner\CCleanerBugReport.exe" --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a" --version "6.30.11385" --silent
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleaner.exe "C:\Program Files\CCleaner\CCleaner.exe" 0
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" 0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0
      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe"
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,4752939339511443600,2295827606538063107,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess created: C:\Program Files\CCleaner\CCUpdate.exe CCUpdate.exe /emupdater /applydll "C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll"
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /monitor
      Source: unknownProcess created: C:\Windows\System32\wbem\unsecapp.exe C:\Windows\system32\wbem\unsecapp.exe -Embedding
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe --pid=3276
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe "C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe"
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe --pid=2992
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe --pid=3276
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleaner.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp""
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe --pid=2992
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSD146.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSD147.tmp""
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
      Source: unknownProcess created: C:\Program Files\CCleaner\CCleaner.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleanerCrashDump.exe "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 7236 --exception_ptr 0000005CCC9FD640 --thread_id 8100 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570997760611i-unhandled.mdmp" --comment "" --min_interval 60
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /createSkipUAC Jump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCUpdate.exe "C:\Program Files\CCleaner\CCUpdate.exe" /regJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0Jump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleanerCrashDump.exe "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 1272 --exception_ptr 0000007E054FD2C0 --thread_id 5744 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp" --comment "" --min_interval 60Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess created: C:\Program Files\CCleaner\CCUpdate.exe CCUpdate.exe /emupdater /applydll "C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll"Jump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess created: unknown unknownJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" 0
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /monitor
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe --pid=3276
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe --pid=3276
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,4752939339511443600,2295827606538063107,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe --pid=2992
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe --pid=2992
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp""
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSD146.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSD147.tmp""
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleanerCrashDump.exe "C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 7236 --exception_ptr 0000005CCC9FD640 --thread_id 8100 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570997760611i-unhandled.mdmp" --comment "" --min_interval 60
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dwmapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: oleacc.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ntmarta.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: version.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: shfolder.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: textinputframework.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: coreuicomponents.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: coremessaging.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wintypes.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: textshaping.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wininet.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: msimg32.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: secur32.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wtsapi32.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wbemcomn.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: amsi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dhcpcsvc6.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dhcpcsvc.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: webio.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: winnsi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: schannel.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: mskeyprotect.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ntasn1.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ncrypt.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ncryptsslp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: msasn1.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: gpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dpapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wscapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: urlmon.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: iertutil.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: netapi32.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dbghelp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: esent.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: samcli.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: atlthunk.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ieframe.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: iertutil.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: wkscli.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dataexchange.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: d3d11.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dcomp.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: dxgi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: twinapi.appcore.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: urlmon.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: windowscodecs.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: taskschd.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: rstrtmgr.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: riched20.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: usp10.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: msls31.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: linkinfo.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: ntshrui.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: cscapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: edputil.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: windows.staterepositoryps.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: appresolver.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: bcp47langs.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: slc.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: sppc.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: onecorecommonproxystub.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: mlang.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: policymanager.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSection loaded: msvcp110_win.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dxgi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbghelp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winmm.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: secur32.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: urlmon.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: oleacc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: usp10.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iertutil.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: srvcli.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: netutils.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbgcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: uxtheme.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windowscodecs.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: taskschd.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windows.storage.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wldp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: profapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mstask.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: version.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mpr.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mpr.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: webio.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winnsi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wbemcomn.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: amsi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dhcpcsvc6.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dhcpcsvc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: propsys.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: schannel.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: resourcepolicyclient.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mskeyprotect.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ntasn1.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ncrypt.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ncryptsslp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msasn1.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: gpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: version.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: wininet.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: cabinet.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: wtsapi32.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: taskschd.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: xmllite.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: webio.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: mswsock.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: winnsi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: rasadhlp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: fwpuclnt.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: schannel.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: mskeyprotect.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ntasn1.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ncrypt.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ncryptsslp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: msasn1.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: gpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: dpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: apphelp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: version.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: wininet.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: winhttp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: cabinet.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: dnsapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: userenv.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: wtsapi32.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: iphlpapi.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: taskschd.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: sspicli.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSection loaded: xmllite.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: wtsapi32.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: powrprof.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: umpdc.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: dbghelp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: dbgcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: cryptbase.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: cryptsp.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: rsaenh.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: version.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeSection loaded: kernel.appcore.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: wtsapi32.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: powrprof.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: winhttp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: version.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: iphlpapi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: cryptbase.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: umpdc.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: dbghelp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: dbgcore.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: windows.storage.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: wldp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: profapi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: cryptsp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: rsaenh.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: kernel.appcore.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: webio.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: mswsock.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: winnsi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: sspicli.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: dnsapi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: rasadhlp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: fwpuclnt.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: schannel.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: mskeyprotect.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: ntasn1.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: ncrypt.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: ncryptsslp.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: msasn1.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: gpapi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: dpapi.dll
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: dnsapi.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: winhttp.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: userenv.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: powrprof.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: dxgi.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: dbghelp.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: winmm.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: secur32.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: urlmon.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: oleacc.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: usp10.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: iertutil.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: srvcli.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: netutils.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: cryptbase.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: sspicli.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: iphlpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: umpdc.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: dbgcore.dll
      Source: C:\Program Files\CCleaner\CCleaner.exeSection loaded: kernel.appcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: userenv.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: powrprof.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dxgi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbghelp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winmm.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: secur32.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: urlmon.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: oleacc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: usp10.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dnsapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winhttp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iertutil.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: srvcli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: netutils.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptbase.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: sspicli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: umpdc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iphlpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbgcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: kernel.appcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: uxtheme.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windowscodecs.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: taskschd.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windows.storage.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wldp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: profapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mstask.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mpr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: version.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptsp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rsaenh.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: webio.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mswsock.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winnsi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: atlthunk.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wtsapi32.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winsta.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: d2d1.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dwrite.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dwmapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dataexchange.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: d3d11.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dcomp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: twinapi.appcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rasadhlp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: fwpuclnt.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: textshaping.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wscapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: netprofm.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: npmproxy.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msasn1.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: newdev.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: devobj.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: devrtl.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: resourcepolicyclient.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: d3d10warp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dxcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ntmarta.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wbemcomn.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: amsi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dhcpcsvc6.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dhcpcsvc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: xmllite.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: schannel.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: textinputframework.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: coreuicomponents.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: coremessaging.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: coremessaging.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wintypes.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wintypes.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wintypes.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: appresolver.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: bcp47langs.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: slc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: sppc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: propsys.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: linkinfo.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ntshrui.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cscapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: policymanager.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msvcp110_win.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: taskflowdataengine.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cdp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dsreg.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rstrtmgr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ncrypt.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ntasn1.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mskeyprotect.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ncryptsslp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msasn1.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: gpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: esent.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msimg32.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: libwaheap.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: libwautils.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mpr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: authz.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: netapi32.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: logoncli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: samcli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: edputil.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windows.staterepositoryps.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: onecoreuapcommonproxystub.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dsparse.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: apphelp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: explorerframe.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wininet.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: drvstore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: spinf.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rstrtmgr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: rstrtmgr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: ieframe.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wkscli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: sxs.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msiso.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mshtml.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: srpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msimtf.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: msls31.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mlang.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: uiautomationcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: jscript9.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: imgutil.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: esent.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: webio.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: es.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dll
      Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: userenv.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: powrprof.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dxgi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbghelp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winmm.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: secur32.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: urlmon.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: oleacc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: usp10.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dnsapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: winhttp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iertutil.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: srvcli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: netutils.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptbase.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: sspicli.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: umpdc.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: iphlpapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: dbgcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: kernel.appcore.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: uxtheme.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windowscodecs.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: taskschd.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: windows.storage.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: wldp.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: profapi.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mstask.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: mpr.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: version.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeSection loaded: cryptsp.dll
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeFile written: C:\Program Files\CCleaner\Setup\02cb0e58-d7f9-4650-aaa3-c382df995438.iniJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeAutomated click: OK
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeAutomated click: Install
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeAutomated click: OK
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeAutomated click: Install
      Source: Window RecorderWindow detected: More than 3 window changes detected
      Source: C:\Program Files\CCleaner\CCleaner64.exeWindow detected: Number of UI elements: 12
      Source: C:\Program Files\CCleaner\CCleaner64.exeWindow detected: Number of UI elements: 12
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeFile opened: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorrc.dll
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleanerJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleaner.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleaner64.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCUpdate.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\LangJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1025.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1026.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1027.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1028.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1029.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1030.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1031.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1032.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1034.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1035.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1036.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1037.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1038.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1040.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1041.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1042.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1043.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1044.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1045.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1046.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1048.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1049.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1050.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1051.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1052.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1053.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1054.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1055.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1056.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1057.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1058.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1059.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1060.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1061.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1062.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1063.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1065.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1066.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1067.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1068.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1079.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1071.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1081.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1086.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1087.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1090.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1092.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1093.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1102.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1104.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1109.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1110.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-1155.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2052.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2070.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-2074.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-3098.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-5146.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\Lang\lang-9999.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerDU.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizer.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerReactivator.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaheap.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwalocal.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwaresource.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwautils.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\libwavmodapi.dllJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerBugReport.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerCrashDump.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\CCleanerReactivator.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDirectory created: C:\Program Files\CCleaner\uninst.exeJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOGJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Setup\config.defJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\Jump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\02cb0e58-d7f9-4650-aaa3-c382df995438.iniJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dllJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeDirectory created: C:\Program Files\CCleaner\Setup\9c909bc2-cad9-48a5-8b4a-a855a60d0635.xmlJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\log\DumpProcess.log.tmp.f53516a7-b1d4-4e35-9f9f-5bf19acd8d46Jump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmpJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeDirectory created: C:\Program Files\CCleaner\LOG\last.dumpJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeDirectory created: C:\Program Files\CCleaner\log\BugReport.log.tmp.dae51f4d-55cc-41f8-b071-6a014d36c644
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeDirectory created: C:\Program Files\CCleaner\log\BugReport.status
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdaterLib.log.tmp.accacbd3-aee6-455d-9f5d-9609fdf807c7
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdEng.log.tmp.62d78b02-53aa-4397-82ba-6f79541c1b50
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log.tmp.25e35e65-8152-4023-ad23-4ef6ff68a13b
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\journal
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\log
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\report
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\chest
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\moved
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\fw
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\event_manager.log.tmp.57b5a0f5-3c1f-4a68-8856-fdecb876f055
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\825E3DD4-926B-4EB9-A66E-9F88AAD28A0F
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\usercfg.ini
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\BackupStorage
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\203abf8c-03ea-4cb7-b490-fe04ea1c26bb
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_controller.log.tmp.528f08fa-e71c-4268-add3-1b0450e8eb1a
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_telemetry.log.tmp.3dbb3c72-b585-4e54-aa6e-48787f35bd13
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\825E3DD4-926B-4EB9-A66E-9F88AAD28A0F
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\2bab7519-4020-4dae-a822-3e7f39e8fa82
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\LOG\su_adapter.log.tmp.5669dd20-a121-429d-bc95-a17865357101
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\DUState.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-16-32-817.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\InitialDUState V24_2.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-17-08-263.dat
      Source: C:\Program Files\CCleaner\CCleaner64.exeDirectory created: C:\Program Files\CCleaner\gcapi_dll.dll
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeDirectory created: C:\Program Files\CCleaner\LOG\pd.log.tmp.ecbf8d94-bb5d-46ed-abbb-da465ab5d3b8
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeRegistry value created: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CCleanerJump to behavior
      Source: lw2HMxuVuf.exeStatic PE information: certificate valid
      Source: lw2HMxuVuf.exeStatic file information: File size 86349752 > 1048576
      Source: lw2HMxuVuf.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
      Source: Binary string: UxTheme.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: CLBCatQ.pdbr; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rsaenh.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winnsi.pdb`; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: bcrypt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ucrtbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemcomn.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: taskschd.pdbw; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfUI_link.pdb# source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: cryptsp.pdbo; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mskeyprotect.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msvcrt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winnsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cryptsp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: advapi32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\67d9289f94964a81\BUILDS\Release\x86\CCUpdate.pdb source: CCUpdate.exe, 00000007.00000000.2510072602.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000002.2527898318.0000000000A34000.00000002.00000001.01000000.00000018.sdmp, CCUpdate.exe, 00000008.00000000.2524315754.0000000000A34000.00000002.00000001.01000000.00000018.sdmp
      Source: Binary string: CLBCatQ.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: urlmon.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: schannel.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shlwapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: taskschd.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: D:\work\848d668bab18d6e2\bin_x86\v142\Release Static\neutral\ServiceUninstaller_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2800041545.000000006A14B000.00000002.00000001.01000000.00000014.sdmp
      Source: Binary string: kernel32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2557982481.000001A4341F0000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: usp10.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleacc.pdb.A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: win32u.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: urlmon.pdb)A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: srvcli.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: imm32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gcapi_dll.dll.pdb| source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmp
      Source: Binary string: comdlg32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ws2_32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winspool.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mswsock.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: iphlpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: nsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: webio.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winmm.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cfgmgr32.pdb~; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: powrprof.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ole32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gcapi_dll.dll.pdb source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmp
      Source: Binary string: iertutil.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: imm32.pdb$A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msasn1.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\_av\BUILDS\Release\x86\emupdate.pdb source: CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfBL_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp
      Source: Binary string: C:\BUILD\work\8889074bed3874b9\bin\CCleaner\Release Static\x64\CCleaner64.pdb source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cfgmgr32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: combase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Windows.Storage.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\AvBugReport.pdb source: CCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmp
      Source: Binary string: ncrypt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: secur32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dpapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: apphelp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rasadhlp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: UMPDC.pdbc; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: kernelbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: netutils.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfUI_link.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmp
      Source: Binary string: UMPDC.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dhcpcsvc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: rpcrt4.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: netutils.pdby; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fastprox.pdbe; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: schannel.pdbt; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleacc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: shell32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: sspicli.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msvcp_win.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dnsapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\avDump.pdb source: CCleanerCrashDump.exe, 00000009.00000002.2559469510.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp, CCleanerCrashDump.exe, 00000009.00000000.2543417283.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp
      Source: Binary string: userenv.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\7f23b0fca235e2b8\BUILDS\Release\x64\avDump.pdbG source: CCleanerCrashDump.exe, 00000009.00000002.2559469510.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp, CCleanerCrashDump.exe, 00000009.00000000.2543417283.00007FF66A0F9000.00000002.00000001.01000000.00000019.sdmp
      Source: Binary string: winhttp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ntasn1.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdi32full.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdiplus.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dbghelp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: gdi32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: profapi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dhcpcsvc6.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: WindowsCodecs.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dnsapi.pdbQ; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: WLDP.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: sechost.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dpapi.pdb;1 source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: propsys.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winhttp.pdbl; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fastprox.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemsvc.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: mstask.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: ncryptsslp.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\3ec84b7238d5b18a\BUILDS\Release\x86\AvastAdSDK_Release Static.pdb source: lw2HMxuVuf.exe, 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msctf.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: version.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dbgcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: user32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: winmm.pdb'A source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Kernel.Appcore.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: fwpuclnt.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: cryptbase.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: bcryptprimitives.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: C:\BUILD\work\c1dae475bef2edc0\bin_x86\v143\Release Static\neutral\pfBL_link.pdb#@ source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp
      Source: Binary string: ntdll.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2557982481.000001A4341F0000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: Amsi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: msctf.pdbj; source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: oleaut32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: dxgi.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: apphelp.pdb.1 source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: comctl32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: wbemprox.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: Binary string: crypt32.pdb source: CCleanerCrashDump.exe, 00000009.00000003.2556363631.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2556849605.000001A434231000.00000004.00000020.00020000.00000000.sdmp, CCleanerCrashDump.exe, 00000009.00000003.2557898666.000001A434231000.00000004.00000020.00020000.00000000.sdmp
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CBC3B __EH_prolog3_GS,GetCommandLineW,GetSystemTime,GetDateFormatW,GetTimeFormatW,GetVersionExW,GetLastError,GetNativeSystemInfo,CallNtPowerInformation,GlobalMemoryStatusEx,GetCurrentProcess,GetSystemDirectoryW,GetLastError,LoadLibraryW,GetProcAddress,FreeLibrary,GetSystemWow64DirectoryW,GetModuleFileNameW,GetFileAttributesExW,GetPrivateProfileStringW,GetPrivateProfileSectionW,CreateDirectoryW,GetTempPathW,GetCurrentDirectoryW,7_2_009CBC3B
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A2C09B push ecx; ret 7_2_00A2C0B0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A06960 push ecx; ret 7_2_00A06973
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF669EFC8A1 push rbp; iretd 9_2_00007FF669EFC8A2

      Persistence and Installation Behavior

      barindex
      Contains functionality to infect the boot sector
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle, \\.\PhysicalDrive0_2_6B74CFD0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,CloseHandle, \\.\PhysicalDrive0_2_6B74D340
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,CloseHandle, \\.\PhysicalDrive0_2_6B74D740
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle, \\.\PhysicalDrive%u7_2_009F2870
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,GetLastError,_strncpy,CloseHandle, \\.\PhysicalDrive%u7_2_009F2AF0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,GetLastError,_strncpy,CloseHandle, \\.\PhysicalDrive%u7_2_009F2E10
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-3098.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1030.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleaner64.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\System.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\pfUI.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1065.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsDialogs.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1081.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1055.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1065.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1030.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwaheap.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1049.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1057.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\uninst.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\pfBL.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-5146.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1040.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-5146.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1059.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1032.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1049.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizer.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\UserInfo.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1063.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1045.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1093.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1053.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Program Files\CCleaner\gcapi_dll.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1040.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1050.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1071.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1037.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1034.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1081.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1067.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1029.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ButtonEvent.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1042.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1043.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Program Files\CCleaner\gcapi_17324469042992.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1086.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1035.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1060.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1026.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1025.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1068.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1035.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\ServiceUninstaller.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-2052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2070.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwalocal.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1031.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1037.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Program Files\CCleaner\gcapi_1732446922760.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1061.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1155.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1087.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1057.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1044.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1071.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerBugReport.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1041.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1027.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\a\asdk.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1067.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1054.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1029.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1059.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-3098.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1046.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwaapi.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1063.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1050.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1090.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1093.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCUpdate.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1048.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerReactivator.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1102.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1038.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1110.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1056.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwavmodapi.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwaresource.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1066.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1031.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1090.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1155.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1102.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1048.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2074.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1110.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1056.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1066.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1092.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1079.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1062.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1036.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-2074.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1058.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1028.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCUpdate.exeFile created: C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\libwautils.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-9999.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Program Files\CCleaner\gcapi_17324469293276.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1046.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1051.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1104.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1041.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1054.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1109.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1034.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1051.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerCrashDump.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1036.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1061.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1079.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1086.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1087.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1060.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1026.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1027.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\g\gcapi_dll.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1044.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1053.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1043.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-2070.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1104.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1092.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-9999.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsProcess.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1109.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1042.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1025.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerReactivator.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1062.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleanerDU.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\CCleaner.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1032.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1038.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1045.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1058.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1068.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\INetC.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1055.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\Program Files\CCleaner\Lang\lang-1028.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CBC3B __EH_prolog3_GS,GetCommandLineW,GetSystemTime,GetDateFormatW,GetTimeFormatW,GetVersionExW,GetLastError,GetNativeSystemInfo,CallNtPowerInformation,GlobalMemoryStatusEx,GetCurrentProcess,GetSystemDirectoryW,GetLastError,LoadLibraryW,GetProcAddress,FreeLibrary,GetSystemWow64DirectoryW,GetModuleFileNameW,GetFileAttributesExW,GetPrivateProfileStringW,GetPrivateProfileSectionW,CreateDirectoryW,GetTempPathW,GetCurrentDirectoryW,7_2_009CBC3B

      Boot Survival

      barindex
      Contains functionality to infect the boot sector
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle, \\.\PhysicalDrive0_2_6B74CFD0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,CloseHandle, \\.\PhysicalDrive0_2_6B74D340
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,CloseHandle, \\.\PhysicalDrive0_2_6B74D740
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle, \\.\PhysicalDrive%u7_2_009F2870
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,GetLastError,_strncpy,CloseHandle, \\.\PhysicalDrive%u7_2_009F2AF0
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: CreateFileW,GetLastError,DeviceIoControl,GetLastError,DeviceIoControl,GetLastError,_strncpy,CloseHandle, \\.\PhysicalDrive%u7_2_009F2E10
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile created: C:\Windows\Tasks\CCleanerCrashReporting.jobJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key created: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgrJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleanerJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnkJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile created: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.urlJump to behavior
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
      Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D206A OpenSCManagerW,GetLastError,OpenServiceW,GetLastError,QueryServiceStatus,QueryServiceStatusEx,ControlService,ControlService,Sleep,QueryServiceStatus,OpenProcess,TerminateProcess,CloseHandle,Sleep,StartServiceW,CloseServiceHandle,CloseServiceHandle,CloseServiceHandle,7_2_009D206A
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CCleaner Smart Cleaning
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run CCleaner Smart Cleaning
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key monitored for changes: HKEY_CURRENT_USER\SOFTWARE
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key monitored for changes: HKEY_CURRENT_USER\SOFTWARE
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX

      Malware Analysis System Evasion

      barindex
      Yara detected AntiVM3
      Source: Yara matchFile source: 0000000E.00000003.2795690252.000001479DB6B000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
      Source: Yara matchFile source: 0000000E.00000003.2789770376.000001479CAF6000.00000004.00000020.00020000.00000000.sdmp, type: MEMORY
      Found stalling execution ending in API Sleep call
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeStalling execution: Execution stalls by calling Sleepgraph_0-3887
      Query firmware table information (likely to detect VMs)
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSystem information queried: FirmwareTableInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeSystem information queried: FirmwareTableInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exeSystem information queried: FirmwareTableInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCUpdate.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCUpdate.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeSystem information queried: FirmwareTableInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 4710000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 4C60000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 4A80000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 4CC0000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 5000000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: 4E50000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeMemory allocated: 244784C0000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeMemory allocated: 24478640000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeMemory allocated: 1F905F00000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeMemory allocated: 1F91E0D0000 memory reserve | memory write watch
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files\VMware\VMware Horizon View Client
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files (x86)\VMware\VMware Player
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files\VMware\VMware Workstation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files\Hyper-V\
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files\VMware\VMware Player
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files (x86)\VMware\VMware Horizon View Client
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened / queried: C:\Program Files (x86)\VMware\VMware Workstation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899775
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899617
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899495
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899109
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898952
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898532
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898034
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 897385
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899853
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899725
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899622
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899139
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899764
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899569
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899419
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899297
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899056
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898814
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898126
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897860
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897652
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897442
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897298
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897165
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896999
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896798
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896610
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896454
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896266
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895735
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895553
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895405
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895275
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895058
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894934
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894823
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894703
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894587
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894406
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894291
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894172
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894054
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899836
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899620
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899495
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899385
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899265
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899149
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898968
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898852
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898748
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898639
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898529
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898420
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898310
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898172
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898027
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\CCleaner64.exeWindow / User API: threadDelayed 624
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeWindow / User API: threadDelayed 1034
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeWindow / User API: threadDelayed 481
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeWindow / User API: threadDelayed 1873
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 801
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeWindow / User API: threadDelayed 1764
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2610
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-3098.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1030.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\System.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\pfUI.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1065.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsDialogs.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1081.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1055.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1065.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1030.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1049.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1057.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\uninst.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\pfBL.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-5146.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1040.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-5146.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1059.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1032.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1049.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\UserInfo.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1063.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1045.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1093.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeDropped PE file which has not been started: C:\Program Files\CCleaner\gcapi_dll.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1053.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1040.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1050.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1071.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1037.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1034.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1081.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1067.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1029.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ButtonEvent.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1042.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeDropped PE file which has not been started: C:\Program Files\CCleaner\gcapi_17324469042992.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1043.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1086.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1035.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1060.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1026.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1025.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1068.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1035.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\ServiceUninstaller.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-2052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2070.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\libwalocal.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1031.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeDropped PE file which has not been started: C:\Program Files\CCleaner\gcapi_1732446922760.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1037.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1061.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1155.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1087.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1057.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1044.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1071.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1041.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1027.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1067.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\a\asdk.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1029.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1054.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1059.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-3098.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\libwaapi.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1046.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1063.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1050.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1090.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1093.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1048.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\CCleanerReactivator.exeJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1102.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1038.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1110.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1056.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\libwavmodapi.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\libwaresource.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1066.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1031.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1090.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1155.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1102.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1048.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2074.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1110.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1056.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1092.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1066.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1079.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1062.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1036.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-2074.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1058.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1028.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCUpdate.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-9999.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCleaner64.exeDropped PE file which has not been started: C:\Program Files\CCleaner\gcapi_17324469293276.dll (copy)Jump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1046.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1051.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1104.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1041.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1054.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1109.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1034.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1051.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2052.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1036.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1061.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1079.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1086.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1087.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1060.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1026.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1027.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\g\gcapi_dll.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1044.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1053.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1043.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1104.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-2070.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-9999.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1092.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsProcess.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1109.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1042.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1025.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\CCleanerReactivator.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1062.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\CCleanerDU.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1038.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1032.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1045.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1068.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\INetC.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1058.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1055.dllJump to dropped file
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeDropped PE file which has not been started: C:\Program Files\CCleaner\Lang\lang-1028.dllJump to dropped file
      Source: C:\Program Files\CCleaner\CCUpdate.exeEvasive API call chain: RegQueryValue,DecisionNodes,Sleep
      Source: C:\Program Files\CCleaner\CCUpdate.exeEvasive API call chain: GetModuleFileName,DecisionNodes,Sleep
      Source: C:\Program Files\CCleaner\CCUpdate.exeCheck user administrative privileges: GetTokenInformation,DecisionNodes
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeAPI coverage: 7.0 %
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key enumerated: More than 138 enums for key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exe TID: 5624Thread sleep time: -60000s >= -30000sJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exe TID: 6448Thread sleep time: -30000s >= -30000sJump to behavior
      Source: C:\Program Files\CCleaner\CCUpdate.exe TID: 6448Thread sleep time: -30000s >= -30000sJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exe TID: 5500Thread sleep time: -60000s >= -30000s
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 6152Thread sleep time: -60000s >= -30000s
      Source: C:\Windows\System32\svchost.exe TID: 5492Thread sleep time: -30000s >= -30000s
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 7752Thread sleep time: -30000s >= -30000s
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 6112Thread sleep count: 105 > 30
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 3536Thread sleep count: 59 > 30
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 6112Thread sleep count: 180 > 30
      Source: C:\Program Files\CCleaner\CCUpdate.exe TID: 7176Thread sleep time: -90000s >= -30000s
      Source: C:\Program Files\CCleaner\CCUpdate.exe TID: 7176Thread sleep time: -30000s >= -30000s
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 616Thread sleep time: -30000s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 2132Thread sleep count: 1034 > 30
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -2767011611056431s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -900000s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -899775s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -899617s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -899495s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -899109s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -898952s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -898532s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -898034s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 7964Thread sleep time: -897385s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 6484Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 6468Thread sleep count: 481 > 30
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -1844674407370954s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -900000s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -899853s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -899725s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -899622s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 3920Thread sleep time: -899139s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exe TID: 6084Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 6500Thread sleep count: 1873 > 30
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -3689348814741908s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -900000s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -899764s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -899569s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -899419s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -899297s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -899056s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -898814s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -898126s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -897860s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -897652s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -897442s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -897298s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -897165s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -896999s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -896798s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -896610s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -896454s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -896266s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -895735s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -895553s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -895405s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -895275s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -895058s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894934s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894823s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894703s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894587s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894406s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894291s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894172s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7208Thread sleep time: -894054s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 6368Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Program Files\CCleaner\CCleaner64.exe TID: 7532Thread sleep time: -30000s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7072Thread sleep count: 801 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 7248Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6416Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7988Thread sleep count: 1764 > 30
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -5534023222112862s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -900000s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899836s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899620s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899495s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899385s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899265s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -899149s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898968s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898852s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898748s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898639s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898529s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898420s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898310s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898172s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 7140Thread sleep time: -898027s >= -30000s
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exe TID: 3352Thread sleep time: -922337203685477s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6760Thread sleep count: 2610 > 30
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6392Thread sleep time: -1844674407370954s >= -30000s
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 2072Thread sleep time: -1844674407370954s >= -30000s
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile opened: PhysicalDrive0Jump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Manufacturer,SMBIOSBIOSVersion,IdentificationCode,SerialNumber,ReleaseDate,Version FROM Win32_BIOS
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Model,Manufacturer,Name,SerialNumber FROM Win32_BaseBoard
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Manufacturer,SMBIOSBIOSVersion,IdentificationCode,SerialNumber,ReleaseDate,Version FROM Win32_BIOS
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Model,Manufacturer,Name,SerialNumber FROM Win32_BaseBoard
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Manufacturer,SMBIOSBIOSVersion,IdentificationCode,SerialNumber,ReleaseDate,Version FROM Win32_BIOS
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Model,Manufacturer,Name,SerialNumber FROM Win32_BaseBoard
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Manufacturer,SMBIOSBIOSVersion,IdentificationCode,SerialNumber,ReleaseDate,Version FROM Win32_BIOS
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT Model,Manufacturer,Name,SerialNumber FROM Win32_BaseBoard
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : select UUID from win32_computersystemproduct
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - root\cimv2 : select PCSystemType,Domain from win32_computersystem
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT UniqueId,ProcessorId,Name,Manufacturer FROM Win32_Processor
      Source: C:\Program Files\CCleaner\CCleaner64.exeLast function: Thread delayed
      Source: C:\Program Files\CCleaner\CCleaner64.exeLast function: Thread delayed
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C7F44 GetSystemTime followed by cmp: cmp esi, 06h and CTI: je 009C80A4h7_2_009C7F44
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C7F44 GetSystemTime followed by cmp: cmp esi, 05h and CTI: je 009C80A4h7_2_009C7F44
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C7F44 GetSystemTime followed by cmp: cmp esi, 04h and CTI: je 009C80A4h7_2_009C7F44
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C7F44 GetSystemTime followed by cmp: cmp esi, 03h and CTI: je 009C80A4h7_2_009C7F44
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009C7F44 GetSystemTime followed by cmp: cmp esi, 02h and CTI: je 009C80A4h7_2_009C7F44
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeFile Volume queried: C:\ FullSizeInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile Volume queried: C:\ FullSizeInformation
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CF00C __EH_prolog3_GS,FindFirstFileW,SetFileAttributesW,DeleteFileW,GetLastError,Sleep,FindNextFileW,SetFileAttributesW,RemoveDirectoryW,GetLastError,FindClose,7_2_009CF00C
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A25B9E FindFirstFileExW,7_2_00A25B9E
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009E0B37 __EH_prolog3_GS,FindFirstFileW,GetFileAttributesW,FindNextFileW,FindClose,7_2_009E0B37
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009EF2A0 GetSystemInfo,GetVersionExW,GetVersionExW,RtlGetVersion,GetModuleHandleW,GetProcAddress,RtlGetVersion,7_2_009EF2A0
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899775
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899617
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899495
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899109
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898952
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898532
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 898034
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 897385
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899853
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899725
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899622
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 899139
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899764
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899569
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899419
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899297
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899056
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898814
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898126
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897860
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897652
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897442
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897298
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 897165
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896999
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896798
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896610
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896454
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 896266
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895735
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895553
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895405
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895275
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 895058
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894934
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894823
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894703
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894587
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894406
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894291
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894172
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 894054
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 900000
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899836
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899620
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899495
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899385
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899265
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 899149
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898968
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898852
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898748
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898639
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898529
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898420
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898310
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898172
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 898027
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: onLicenseKeyisPreviousAvailablegetKeyboardLanguageonManageSubscriptiononActivateNewKeyonAlphaUserInfoonBackToCCleaneronPasteKeyonUserNameactivateconfirmrequestCompanyNameEmailCOptionsLicenseSciterCtrl::onPasteKeyCOptionsLicenseSciterCtrl: the license key couldn't be pasted - no key on the clipboardSetUserNamesetManageLicenseContextEnablePasteSetLicenseKeyfile://LicenseUserInfo.htmfile://LicenseAlphaUserInfo.htmStopWaitingfile://LicenseKeyActivation.htmtracknameStartWaitingSurnamemessageautoExtensionsubscriptionManagementdaysLeftexpiryDatelicenseKeylicenseTypefile://LicenseRegistered.htmfile://ManageLicense.htmdataUpdatedLicenseKey_ManageSubscriptionSoftware\Microsoft\Internet Explorer\SettingsAnchor ColorAnchor Color Visitedtooltips_class32static<A></A>TahomaREQUEST_EVENTS_WINDOW_MESSAGE1COMBOBOXShowOffers3rdPartyHelp improve CCleaneruntickOptions/PrivacyShowOffers1stPartytick/MONITORenable automatic updatesOptions/Updatesenable new version notificationCCleaner Smart CleaningVMware Horizon ClientSoftware\Piriform\CCleanerTaskbarSetProgressStateTaskbarSetProgressValueconfig.def()ACTIVATION_EVENTS_WINDOW_MESSAGEignoreprogramIDcommandError: [Named Pipes] CCleaner::DbgLogger::LogDebug: Trace: Info: Warning: ProgramFolderDataFolderDumpReportingCCleanerCrashDump.exetemp.defSetup[common]Exception installing Crash HandlerCrash Handler installed with result: Exception while creating new directoryCreate LOG subfolderInitialize Crash Handler[CrashSupport] Piriform::CrashSupport::InitializeCrashHandlerException occured when writing to a config file
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey4=%LocalAppData%\VMware|*.log
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: %sApple Mobile Device Serviceoutlook.exeShowEdgePreloadingWarningShowNoxplayerCleanSuspendedWarningvideopad.exeNoxVMSVC.exeNoxVMHandle.exeShowActionCleanSuspendedWarningShowVideoPadVideoEditorCleanSuspendedWarningActionLauncher.exepostbox.exeShowPostboxCleanSuspendedWarningTeraBox.exeShowTeraBoxCleanSuspendedWarningNox.exeMultiPlayerManager.exeOpenVPNConnect.exeShowOpenVPNConnectCleanSuspendedWarningGoTo.exeShowGoToMeetingCleanSuspendedWarningrecorder.exeShowIcecreamScreenRecorderCleanSuspendedWarningiTopPDF.exeShowiTopPDFCleanSuspendedWarningui32.exeShowWallpaperEngineCleanSuspendedWarningShowBlueJeansCleanSuspendedWarningBox.exeShowBitCometCleanSuspendedWarningBlueJeans.exeBox Local Com Service.exeShowBoxEditCleanSuspendedWarningShowBoxDriveCleanSuspendedWarningBox Edit.exevmware-view.exevmwetlm.exeShowVNCViewerCleanSuspendedWarninghorizon_client_service.exeShowCalibreCleanSuspendedWarningBitComet.exeShowVMwareHorizonClientCleanSuspendedWarningcalibre-parallel.exeShowCyberLinkYouCam10CleanSuspendedWarningnextcloud.exeYouCam10.exeYouCamService10.exeShowPlexHTPCCleanSuspendedWarningvncviewer.exeShowNextcloudDesktopClientCleanSuspendedWarningPlex HTPC.exeShowCutePDFCleanSuspendedWarningXmind.exeShowGoodSyncCleanSuspendedWarningCutePDFE.exePlexScriptHost.exeShowPlexMediaServerCleanSuspendedWarningShowXmindCleanSuspendedWarningPlex Media Server.exeShowZoomCleanSuspendedWarningccsa.exeShoWYoutuPlayCleanSuspendedWarningZoom.exeShowCorelPaintShopProCleanSuspendedWarningGoodSync.exeShowCodeCompareCleanSuspendedWarningCorel PaintShop Pro.exeShowMessengerCleanSuspendedWarningCiscoCollabHost.exeShowWPSOfficeCleanSuspendedWarningMessenger.exeShowDouyinCleanSuspendedWarningYouTubePlayer.UWP.exeShowWebexCleanSuspendedWarningDouyin.exeDb.App.exeShowDrawboardPDFCleanSuspendedWarningLINE.exeShowLineCleanSuspendedWarningShowCapCutCleanSuspendedWarningwps.exeCapCut.exeparfait_crash_handler.exerealplay.exeShowRealPlayerCleanSuspendedWarningShowOneDriveCleanSuspendedWarningShowSkypeCleanSuspendedWarningClipchamp.exeShowClipchampCleanSuspendedWarningresso.exeShowRessoCleanSuspendedWarningAppleMobileDeviceProcess.exeiCloud.exesecd.exeAppleFirefoxHost.exeShowTeamsCleanSuspendedWarningShowiCloudCleanSuspendedWarningTeams.exeiCloudPhotos.exeiCloudDrive.exeiCloudServices.exeiCloudIE.exeAppleIEDAV.exeAPSDaemon.exeiCloudFirefox.exeApplePhotoStreams.exeMicrosoft.Photos.exeShowMicrosoftPhotosCleanSuspendedWarningDiscord.exeShowDiscordCleanSuspendedWarningiCloudPrefs.exeiCloudCKKS.exeMicrosoft.Notes.exeShowMicrosoftStickyNotesCleanSuspendedWarningDolbyAccess.exeShowDolbyAccessCleanSuspendedWarningShowMicrosoftToDoCleanSuspendedWarningAcrobat.exeShowAdobeAcrobatReaderCleanSuspendedWarningTelegram.exeShowTelegramCleanSuspendedWarningShowAmazonPrimeCleanSuspendedWarningShowSlackCleanSuspendedWarningShowItunesCleanSuspendedWarningShowWhatsAppCleanSuspendedWarningShowAmazonMusicCleanSuspendedWarningShowNortonBrowserCleanSuspendedWarningShowAviraBrowserCleanSuspendedWarningShowAvas
      Source: lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: CCREMOVESELFRECURSEActionLauncher.exevideopad.exeNoxVMHandle.exeNoxVMSVC.exeMultiPlayerManager.exeNox.exeOpenVPNConnect.exepostbox.exeTeraBox.exeiTopPDF.exeui32.exeGoTo.exerecorder.exeBox Local Com Service.exeBox Edit.exeBox.exeBlueJeans.exeBitComet.execalibre-parallel.exevmwetlm.exevmware-view.exehorizon_client_service.exevncviewer.exePlex HTPC.exenextcloud.exeYouCamService10.exeYouCam10.exePlexScriptHost.exePlex Media Server.exeXmind.exeCutePDFE.exeGoodSync.exeCorel PaintShop Pro.execcsa.exeZoom.exeYouTubePlayer.UWP.exeDouyin.exeCiscoCollabHost.exeMessenger.exewps.exeparfait_crash_handler.exeCapCut.exeDb.App.exeLINE.exeClipchamp.exeresso.exerealplay.exeSkype.exeFileCoAuth.exeOneDrive.exeTeams.exeiCloud.exeAppleMobileDeviceProcess.exeAppleFirefoxHost.exesecd.exeAPSDaemon.exeAppleIEDAV.exeApplePhotoStreams.exeiCloudFirefox.exeiCloudDrive.exeiCloudPhotos.exeiCloudIE.exeiCloudServices.exeiCloudCKKS.exeiCloudPrefs.exeMicrosoft.Notes.exeMicrosoft.Photos.exeDiscord.exeAcrobat.exeTelegram.exeprimevideo.exeDolbyAccess.exeTodo.exeWhatsApp.exeAppleMobileDeviceService.exeiTunes.exeAmazon Music Helper.exeAmazon Music.exeslack.exe:a3yn
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey6=%LocalAppData%\Temp|VMware_Horizon_Client*.log
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: [VMware Horizon Client]
      Source: lw2HMxuVuf.exe, 00000000.00000002.2794685834.0000000003D10000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2213470711.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2222945307.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2560641566.00000197BBF72000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2562103985.00000197BE4BD000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2534004735.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2533875197.0000000000D15000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: Username: CCleaner CApplication::EnableLogging/monitoring/options/registry/tools/cleaner/log/cleanie/updatefailed/register/createskipuac/scanreg/ccupdate/ccinfo/export/scheduling/advanced /[l|L][i|I][s|S][t|T] +"?{[^"]+})(/[s|S][y|Y][s|S][r|R][e|E][s|S][t|T][o|O][r|R][e|E] +{[0-9]+})/sysrestoreMonitor ApplicationCApplication::ParseCommandlineArguments/unregister( [k|K][e|E][y|Y]=+?"{[^"]+})( [n|N][a|A][m|M][e|E]=+?"{[^"]+})NumOfIssueDetectedDriversNumOfUpToDateDriversPiriformRegistration/manualupdatefromtoaster/issues/du/restoreccb/restoreccbSmartClean:BrowserAlertsSmartClean:JunkAlertsSmartCleanAutoUpdatesUpdateNotificationsActivationoffonLikelyVirtualMachinecc6 research - Detectioncc6 researchDetectionwebview2 :: IsElevatedIsAdminSkipUAC/CLEANER/AUTOJLGamerScoreVersionGamerScoreStartupgui openmonitoringccleaner startup eventCCInfo.txt3.18.17083.19.ShowTrialDiscountOfferUninstall.lnkuninst.exe/OPTIONS/TOOLSTLS1.2TLS1.1OS={}
      Source: CCUpdate.exe, 00000007.00000003.2534004735.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2533875197.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571262365.0000000000D17000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D15000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWen-GBn
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: hardware accelerated execution manager**putty**postgres**pgadmin**oracle**vagrant**xming**sdk**netbeans**github**sourcetree**slack**iis * express**iis express application compatibility database**microsoft sql server management studio**vmware**apache tomcat**glassfish**sublime text**tortoisesvn*szProductVerszInstallDateTime.txt_32settingsextended_expiry_dtnum_licensesSOFTWARE\McAfee\DesktopProtection
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: @wgencounter.inf,%GenCounter.SVCDESC%;Microsoft Hyper-V Generation Counter
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile1=%ProgramFiles%\VMware\VMware Horizon View Client
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey6=%ProgramFiles%\VMware\VMware Workstation\ico|*.ico
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: @virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey3=%ProgramData%\VMware\VDM\logs|*.*
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey2=%ProgramData%\VMware\VDM\logs|*.*
      Source: CCleaner64.exe, 00000005.00000002.2560641566.00000197BBF3B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware Horizon Client$
      Source: CCUpdate.exe, 00000007.00000003.2533875197.0000000000CED000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW8T
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: [VMware Player]
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile1=%ProgramFiles%\VMware\VMware Player
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile1=%ProgramFiles%\VMware\VMware Workstation
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: [VMware Workstation]
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey4=%LocalAppData%\VMware\VDM\logs|*.*
      Source: CCleaner64.exe, 00000005.00000002.2560641566.00000197BBF3B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: VMware Horizon Client^
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey4=%LocalAppData%\Temp\vmware-*|*.*
      Source: lw2HMxuVuf.exe, 00000000.00000003.2258418784.0000000006140000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: ZeqHGFSQN=HME31
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey5=%LocalAppData%\Temp\vmware-*|*.*
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey5=%ProgramFiles%\Common Files\VMware\InstallerCache|*.*
      Source: lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpBinary or memory string: [*python**java se development kit**xamarin**winscp**microsoft azure**microsoft r client**bkchem**cronos**visual c++ for mobile development**mysql connector c++**microsoft visual c++ build tools**dev-c++**cmake**trafico de fauna**mm7270**gnu privacy guard**e-reader**kokori**ginga.ar**labcam**forcepad**khi3**maxima**microsoft emulator**gapminder**avidemux**scilab**version imagen**songsmith**modellus**fusioninventory**pilas-engine**alice application**eqtabla**jetbrains**git version**mysql**prerequisites for ssdt**node.js**android studio**winpcap*unity**xampp**atom**blender**arduino**netbeans**github**sourcetree**slack**oracle**vagrant**xming**sdk**apache tomcat**glassfish**sublime text**tortoisesvn**iis * express**iis express application compatibility database**microsoft sql server management studio**vmware**microsoft system clr types for sql server**microsoft .net framework * multi-targeting pack**microsoft sql server * management objects**windows software development kit**notepad++**microsoft sql server * transact-sql scriptdom**microsoft sql server * express localdb**microsoft visual studio * shell**intel
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile2=%ProgramFiles%\VMware\VMware Workstation
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey3=%LocalAppData%\Temp\vmware-*|*.*
      Source: CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: LikelyVirtualMachine
      Source: CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: Update config.def file under Piriform::CrashSupport::UpdateConfigFileException occured when creating config.def file with [common] values from ShepherdCreate config.def file under Piriform::CrashSupport::CreateConfigFile --guid " --programpath " --path " --send dumps|report--product 90Exception while checking if config folder existsGet crash config from config.def filePiriform::CrashSupport::ReadConfigFiledisabledenabledCrash Reporting scheduled task Piriform::CrashSupport::UpdateCrashReportingTaskStatus\CCleanerBugReport.exe Piriform::CrashSupport::CrashReportParameters --silent --version "Add crash reporting scheduled task which runs daily crash reporting scheduled task - error when loading crash reporting scheduled task - error when saving: disabled enabledFailed to 4141FCD7-B506-4916-8EC4-D38E4373F47AF9FD4EDF-1129-4DBC-9A8C-9EE7271FBE7Etrial-source-none17191109A435FAA9-2311-4E23-B944-096D54E9DB317F4CCD0B-B3BE-4FD2-9A26-A0299FDE418B78E68749-DE5B-404A-9B44-7A5AEDED1CFCF16A9578-E0E4-4EA7-8FD7-E91C0061A9FD103134healthcheckNF-trial-offer17931017softwareupdater-trial-offer17101108198050performanceOptimizer-trial-offer165286436driverupdater-trial-offer952accountmanager-start-trial-offer1121accountmanager-trial-offer199437options-trial-offer1993optionsabout-trial-offer44schedulervalidation-trial-offer171540schedulerhomescreen-trial-offer171410503920customclean-trial-offer1927106145clouddrivecleaner-trial-offer20291131healthcheck-direct-30d-trial-offer2012onboarding-trial-offer1937108147upgradebutton-trial-offer1940109148healthcheck-interstitial-60d-trial-offer2013healthcheck-interstitial-30d-trial-offer2011healthcheck-direct-60d-trial-offer2014toaster-offer1929107146healthcheck-banner-offer1943Application EndedCApplication::~CApplicationhttp_proxy_loader.dllSendMessageToMainApp: Sending message, action: SendMessageToMainApp: Opened main application window, waiting for it to openSendMessageToMainApp: Cannot send message, invalid data or from wrong flowCApplication::SendMessageToMainApplication /debug %dPrevious CountBroken CountError type/autojl()Scripting/autojlRun CCleaner/autorb/monitorSendMessageToMainApp: Could not find main application window/auto/shutdown/shutdown/auto/autosc/autosc/autos/autos/update/method/delete/method %d/method/delete/restart/restartSYSTEM\CurrentControlSet\Control\SystemInformationOpen CCleaner/frb/analyze/analyze/clean/clean/updateParallels ARM Virtual MachineGoogleGoogle Compute EngineCloud PC EnterpriseMicrosoft CorporationVirtual Machineinnotek GmbHVirtualBoxCOOLHOUSING s.r.o.Virtual serverQEMUQEMU Virtual MachineParallelsParallels Software International Inc.Parallels Virtual PlatformParallels International GmbH.UpCloudTencent CloudVMware, Inc.Amazon EC2Baidu CloudBaidu Cloud BCCAlibaba CloudAlibaba Cloud ECSVirtual ServerVirtual PlatformSystemProductNameSystemManufacturerVultrVirtuozzoQuanta Cloud Technology Inc.ThinCloud/updatesuccess/uac/debugApplication Started
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: VMware Horizon Client
      Source: lw2HMxuVuf.exe, 00000000.00000002.2802095777.000000006B047000.00000002.00000001.01000000.0000000B.sdmpBinary or memory string: %s%slang\lang-.dlllang-%s\%s%d%siexploreshell32SHQueryRecycleBinWSHUpdateRecycleBinIcon.exe(null)*VMware Horizon ClientSELECT * FROM __InstanceDeletionEvent WITHIN 1 WHERE TargetInstance ISA 'Win32_Process'" - %lldBad optional accessCCleanerSkipUACCCleaner"*64.exe64.Software\Microsoft\Windows\CurrentVersion\RunEVENTS_WINDOW_MESSAGEUnmatched '}' in format string.winsyswinappwinregFILEPATHREGFIREFOXCHROMETHUNDERBIRDOPERACCLEANERVIVALDIBRAVEOPERAGXSPOTIFYAVASTSECUREBROWSERARCIncludeExcludeCustomLocationFinderIncludeFinderExcludeinfnan(ind)nannan(snan)Invalid format string.Unknown format specifier.Missing '}' in format string.Can not switch from manual to automatic indexingFormat specifier requires numeric argument.Can not switch from automatic to manual indexingInvalid type specification.Invalid presentation type specifierInvalid presentation type for boolInvalid presentation type for charInvalid presentation type for integerInvalid presentation type for floating-pointInvalid presentation type for stringInvalid presentation type for pointerModifier requires an integer presentation type for bool0e+00Number is too biginvalid fill character '{'Missing precision specifier.Invalid fill (too long).Precision not allowed for this argument type.Argument not found.String pointer is null.integral cannot be stored in char0b0B0x0X0\t\t\n\n\r\r\\\\\u{\u{\x{\x{Number is too big.Width is not an integer.Negative width.Precision is not an integer.Negative precision.
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: @wvpci.inf,%vpci.SVCDESC%;Microsoft Hyper-V Virtual PCI Bus0
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey1=%ProgramData%\VMware\logs|*.*
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: VMware Player
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: @wvmgid.inf,%VmGid.SVCDESC%;Microsoft Hyper-V Guest Infrastructure Driverice
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey3=%ProgramData%\VMware\vmwetlm\logs|*.*
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: VMware Workstation
      Source: lw2HMxuVuf.exe, 00000000.00000002.2798020466.0000000005470000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: @wstorflt.inf,%service_desc%;Microsoft Hyper-V Storage Accelerator
      Source: CCleanerBugReport.exe, 0000000B.00000003.2555480964.000001D24E891000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: \Device\HarddiskVolume1\??\Volume{ad6cc5d8-f1a9-4873-be33-91b2f05e9306}\??\SCSI#CdRom&Ven_NECVMWar&Prod_VMware_SATA_CD00#4&224f42ef&0&000000#{53f5630d-b6bf-11d0-94f2-00a0c91efb8b}\Device\CdRom0\??\Volume{a33c736e-61ca-11ee-8c18-806e6f6e6963}\DosDevices\D:g
      Source: CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: FileKey2=%Program Files%\VMware\VMware Player\ico|*.*
      Source: CCleaner64.exe, 00000005.00000002.2562103985.00000197BE4BD000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAWYcr
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess information queried: ProcessInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPortJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPortJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPortJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess queried: DebugPort
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A061C20 GetModuleHandleW,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetLastError,GetLastError,GetLastError,GetLastError,GetLastError,LdrUnlockLoaderLock,9_2_00007FF66A061C20
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0661F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,7_2_00A0661F
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CE1E7 __EH_prolog3_catch_GS,GetSystemTime,GetCurrentProcessId,CreateFileW,GetLastError,Sleep,GetLastError,WriteFile,WriteFile,WriteFile,WriteFile,GetFileSizeEx,NtSetInformationFile,OutputDebugStringW,CloseHandle,7_2_009CE1E7
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CBC3B __EH_prolog3_GS,GetCommandLineW,GetSystemTime,GetDateFormatW,GetTimeFormatW,GetVersionExW,GetLastError,GetNativeSystemInfo,CallNtPowerInformation,GlobalMemoryStatusEx,GetCurrentProcess,GetSystemDirectoryW,GetLastError,LoadLibraryW,GetProcAddress,FreeLibrary,GetSystemWow64DirectoryW,GetModuleFileNameW,GetFileAttributesExW,GetPrivateProfileStringW,GetPrivateProfileSectionW,CreateDirectoryW,GetTempPathW,GetCurrentDirectoryW,7_2_009CBC3B
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A1F22C mov ecx, dword ptr fs:[00000030h]7_2_00A1F22C
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A24602 mov eax, dword ptr fs:[00000030h]7_2_00A24602
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A24646 mov eax, dword ptr fs:[00000030h]7_2_00A24646
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009BA9D6 __EH_prolog3,GetProcessHeap,7_2_009BA9D6
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: DebugJump to behavior
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleanerBugReport.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess token adjusted: Debug
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess token adjusted: Debug
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0600E SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,7_2_00A0600E
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0661F IsProcessorFeaturePresent,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,7_2_00A0661F
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A067AC SetUnhandledExceptionFilter,7_2_00A067AC
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0AA73 IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,7_2_00A0AA73
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A09ECE0 RtlCaptureContext,RtlLookupFunctionEntry,RtlVirtualUnwind,IsDebuggerPresent,SetUnhandledExceptionFilter,UnhandledExceptionFilter,9_2_00007FF66A09ECE0
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: 9_2_00007FF66A090684 SetUnhandledExceptionFilter,UnhandledExceptionFilter,GetCurrentProcess,TerminateProcess,9_2_00007FF66A090684
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeMemory allocated: page read and write | page guard

      HIPS / PFW / Operating System Protection Evasion

      barindex
      Bypasses PowerShell execution policy
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /createSkipUAC Jump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCUpdate.exe "C:\Program Files\CCleaner\CCUpdate.exe" /regJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0Jump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeProcess created: C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner64.exe" /monitor
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp""
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSD146.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSD147.tmp""
      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009CE871 __EH_prolog3,InitializeSecurityDescriptor,SetSecurityDescriptorDacl,7_2_009CE871
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_009D0058 GetCurrentProcess,OpenProcessToken,AllocateAndInitializeSid,GetTokenInformation,EqualSid,FreeSid,CloseHandle,7_2_009D0058
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A0643E cpuid 7_2_00A0643E
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: EnumSystemLocalesW,9_2_00007FF66A0BAC38
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: EnumSystemLocalesW,9_2_00007FF66A0BAD08
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: GetLocaleInfoW,GetLocaleInfoW,GetACP,9_2_00007FF66A0BB148
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: EnumSystemLocalesW,9_2_00007FF66A0B2A44
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: GetLocaleInfoEx,FormatMessageA,9_2_00007FF66A08FA80
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: EnumSystemLocalesW,GetUserDefaultLCID,ProcessCodePage,IsValidCodePage,IsValidLocale,GetLocaleInfoW,GetLocaleInfoW,9_2_00007FF66A0BB324
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: TranslateName,TranslateName,GetACP,IsValidCodePage,GetLocaleInfoW,9_2_00007FF66A0BA8E8
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeCode function: GetLocaleInfoW,9_2_00007FF66A0B2EDC
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0Jump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\CC_logo_72x66.png VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\CC_Logo_40x96.png VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\PF_computer.png VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeQueries volume information: C:\ VolumeInformationJump to behavior
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEng.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_telemetry.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_telemetry.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_controller.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\times.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdaterLib.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEng.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEng.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_controller.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_telemetry.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_telemetry.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_telemetry.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_controller.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Program Files\CCleaner\LOG\su_adapter.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V0100006.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V0100006.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\CCleaner64.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WSMan.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exeQueries volume information: C:\Program Files\CCleaner\LOG\event_manager.log VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.PowerShell.Commands.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.PowerShell.Commands.Management.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceProcess\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WSMan.Management\v4.0_3.0.0.0__31bf3856ad364e35\Microsoft.WSMan.Management.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_32.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Program Files\CCleaner\wa_3rd_party_host_64.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
      Source: C:\Program Files\CCleaner\CCleanerCrashDump.exeQueries volume information: C:\Program Files\CCleaner\LOG\DumpProcess.log VolumeInformation
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: 0_2_6B794210 GetSystemTimes,0_2_6B794210
      Source: C:\Program Files\CCleaner\CCUpdate.exeCode function: 7_2_00A25092 GetTimeZoneInformation,7_2_00A25092
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeCode function: 0_2_6B74CFD0 GetVersion,CreateFileW,GetLastError,DeviceIoControl,GetLastError,CloseHandle,0_2_6B74CFD0
      Source: C:\Users\user\Desktop\lw2HMxuVuf.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

      Lowering of HIPS / PFW / Operating System Security Settings

      barindex
      Disables Windows system restore
      Source: C:\Program Files\CCleaner\CCleaner64.exeRegistry key created or modified: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore SystemRestorePointCreationFrequency
      Source: lw2HMxuVuf.exeBinary or memory string: guardxkickoff.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2775079657.0000000003E37000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2771923430.0000000003E1E000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2783345897.0000000003E3A000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2772165852.0000000003E2F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2781580724.0000000003E3A000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795911206.0000000003E3A000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: AVKService.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avcenter.exe
      Source: lw2HMxuVuf.exeBinary or memory string: vsserv.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769125944.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2782233568.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796600283.0000000003F01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: cfp.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2803313882.000000006B485000.00000002.00000001.01000000.0000000B.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2566152433.00007FF7D8088000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile1=%ProgramFiles%\Malwarebytes' Anti-Malware\mbam.exe
      Source: lw2HMxuVuf.exeBinary or memory string: dwengine.exe
      Source: lw2HMxuVuf.exeBinary or memory string: mcshield.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769125944.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2782233568.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796600283.0000000003F01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: vsmon.exe
      Source: lw2HMxuVuf.exeBinary or memory string: mcupdate.exe
      Source: lw2HMxuVuf.exeBinary or memory string: a2service.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796004323.0000000003E40000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2781695830.0000000003E40000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: guardxservice.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: bdagent.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000003.2781540563.0000000003E63000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796157960.0000000003E6A000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: acs.exe
      Source: lw2HMxuVuf.exeBinary or memory string: cmdagent.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769125944.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2782233568.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796600283.0000000003F01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: MSASCui.exe
      Source: lw2HMxuVuf.exeBinary or memory string: avguard.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: BullGuard.exe
      Source: lw2HMxuVuf.exeBinary or memory string: dwservice.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769125944.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2782233568.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796600283.0000000003F01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avp.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: avgcsrvx.exe
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ClamTray.exe
      Source: lw2HMxuVuf.exeBinary or memory string: avgnsx.exe
      Source: lw2HMxuVuf.exeBinary or memory string: a2start.exe
      Source: lw2HMxuVuf.exeBinary or memory string: avgnt.exe
      Source: lw2HMxuVuf.exeBinary or memory string: a2guard.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2772473215.0000000003E27000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2771923430.0000000003E1E000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2781630779.0000000003E2A000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795747992.0000000003E2C000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: 360Tray.exe
      Source: lw2HMxuVuf.exe, 00000000.00000002.2803313882.000000006B485000.00000002.00000001.01000000.0000000B.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2566152433.00007FF7D8088000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8175000.00000002.00000001.01000000.00000017.sdmpBinary or memory string: DetectFile2=%ProgramFiles%\Malwarebytes Anti-Malware\mbam.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2771923430.0000000003E1E000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795803575.0000000003E31000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2772165852.0000000003E2F000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: FPAVServer.exe
      Source: lw2HMxuVuf.exeBinary or memory string: mbam.exe
      Source: lw2HMxuVuf.exe, 00000000.00000003.2769125944.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2782233568.0000000003F01000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2796600283.0000000003F01000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: QUHLPSVC.EXE
      Source: lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2796059986.0000000003E54000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2769327001.0000000003E3F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2776195650.0000000003E53000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: ClamWin.exe

      Stealing of Sensitive Information

      barindex
      Tries to harvest and steal browser information (history, passwords, etc)
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\webappsstore.sqlite-shm
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\prefs.js
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\places.sqlite
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\databases\Databases.db
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOCK
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\compatibility.ini
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\webappsstore.sqlite-wal
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-wal
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\profiles.ini
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\webappsstore.sqlite
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\permissions.sqlite
      Source: C:\Program Files\CCleaner\CCleaner64.exeFile opened: C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

      Mitre Att&ck Matrix

      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
      Gather Victim Identity InformationAcquire Infrastructure1
      Drive-by Compromise      		31
      Windows Management Instrumentation      		1
      DLL Side-Loading      		1
      DLL Side-Loading      		1
      Disable or Modify Tools      		1
      OS Credential Dumping      		12
      System Time Discovery      		Remote Services11
      Archive Collected Data      		3
      Ingress Tool Transfer      		Exfiltration Over Other Network Medium1
      Inhibit System Recovery
      CredentialsDomains1
      Valid Accounts      		3
      Native API      		1
      Valid Accounts      		1
      Valid Accounts      		1
      Deobfuscate/Decode Files or Information      		LSASS Memory3
      File and Directory Discovery      		Remote Desktop Protocol1
      Data from Local System      		11
      Encrypted Channel      		Exfiltration Over BluetoothNetwork Denial of Service
      Email AddressesDNS ServerDomain Accounts2
      Command and Scripting Interpreter      		12
      Windows Service      		11
      Access Token Manipulation      		2
      Obfuscated Files or Information      		Security Account Manager88
      System Information Discovery      		SMB/Windows Admin SharesData from Network Shared Drive4
      Non-Application Layer Protocol      		Automated ExfiltrationData Encrypted for Impact
      Employee NamesVirtual Private ServerLocal Accounts2
      Scheduled Task/Job      		2
      Scheduled Task/Job      		12
      Windows Service      		1
      DLL Side-Loading      		NTDS1
      Query Registry      		Distributed Component Object ModelInput Capture5
      Application Layer Protocol      		Traffic DuplicationData Destruction
      Gather Victim Network InformationServerCloud Accounts2
      Service Execution      		11
      Registry Run Keys / Startup Folder      		11
      Process Injection      		13
      Masquerading      		LSA Secrets191
      Security Software Discovery      		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
      Domain PropertiesBotnetReplication Through Removable Media1
      PowerShell      		1
      Bootkit      		2
      Scheduled Task/Job      		1
      Valid Accounts      		Cached Domain Credentials11
      Process Discovery      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup Items11
      Registry Run Keys / Startup Folder      		181
      Virtualization/Sandbox Evasion      		DCSync181
      Virtualization/Sandbox Evasion      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery
      Network Trust DependenciesServerlessDrive-by CompromiseContainer Orchestration JobScheduled Task/JobScheduled Task/Job11
      Access Token Manipulation      		Proc Filesystem1
      Application Window Discovery      		Cloud ServicesCredential API HookingApplication Layer ProtocolExfiltration Over Alternative ProtocolDefacement
      Network TopologyMalvertisingExploit Public-Facing ApplicationCommand and Scripting InterpreterAtAt11
      Process Injection      		/etc/passwd and /etc/shadowNetwork SniffingDirect Cloud VM ConnectionsData StagedWeb ProtocolsExfiltration Over Symmetric Encrypted Non-C2 ProtocolInternal Defacement
      IP AddressesCompromise InfrastructureSupply Chain CompromisePowerShellCronCron1
      Bootkit      		Network SniffingNetwork Service DiscoveryShared WebrootLocal Data StagingFile Transfer ProtocolsExfiltration Over Asymmetric Encrypted Non-C2 ProtocolExternal Defacement

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Is Windows Process
      • Number of created Registry Values
      • Number of created Files
      • Visual Basic
      • Delphi
      • Java
      • .Net C# or VB.NET
      • C, C++ or other language
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1561836 Sample: lw2HMxuVuf.exe Startdate: 24/11/2024 Architecture: WINDOWS Score: 42 107 winqual.sb.avast.com 2->107 109 streamback-cl1.ns1.ff.avast.com 2->109 111 18 other IPs or domains 2->111 141 Yara detected AntiVM3 2->141 143 Contains functionality to infect the boot sector 2->143 145 Sigma detected: Script Interpreter Execution From Suspicious Folder 2->145 10 lw2HMxuVuf.exe 160 234 2->10         started        15 CCleaner.exe 2->15         started        17 CCleaner.exe 2->17         started        19 8 other processes 2->19 signatures3 process4 dnsIp5 131 ipm-gcp-prod.ff.avast.com 34.111.24.1, 443, 49712, 49993 GOOGLEUS United States 10->131 133 analytics-prod-gcp.ff.avast.com 34.117.223.223, 443, 49708, 49743 GOOGLE-AS-APGoogleAsiaPacificPteLtdSG United States 10->133 135 shepherd-gcp.ff.avast.com 34.160.176.28, 443, 49737, 49765 ATGS-MMD-ASUS United States 10->135 99 C:\Program Files\...\wa_3rd_party_host_64.exe, PE32+ 10->99 dropped 101 C:\Program Files\...\wa_3rd_party_host_32.exe, PE32 10->101 dropped 103 CCleanerPerformanceOptimizerService.exe, PE32+ 10->103 dropped 105 145 other files (3 malicious) 10->105 dropped 161 Query firmware table information (likely to detect VMs) 10->161 163 Found stalling execution ending in API Sleep call 10->163 165 Contains functionality to infect the boot sector 10->165 21 CCleaner64.exe 10->21         started        25 CCUpdate.exe 2 7 10->25         started        28 CCleaner64.exe 2 10 10->28         started        30 chrome.exe 10->30         started        32 CCleaner64.exe 15->32         started        34 CCleaner64.exe 17->34         started        36 conhost.exe 17->36         started        137 streamback-cl1.ns1.ff.avast.com 35.190.209.22, 443, 49803, 49810 GOOGLEUS United States 19->137 139 127.0.0.1 unknown unknown 19->139 38 CCleaner64.exe 19->38         started        40 conhost.exe 19->40         started        file6 signatures7 process8 dnsIp9 87 C:\...\gcapi_17324469042992.dll (copy), PE32+ 21->87 dropped 147 Tries to harvest and steal browser information (history, passwords, etc) 21->147 42 wa_3rd_party_host_64.exe 21->42         started        45 wa_3rd_party_host_32.exe 21->45         started        119 ip-info-gcp.ff.avast.com 34.111.175.102, 443, 49784, 49816 GOOGLEUS United States 25->119 89 92a778af-76d6-4186-8535-ae66d08f623f.dll, PE32 25->89 dropped 47 CCUpdate.exe 25->47         started        49 CCleanerCrashDump.exe 4 28->49         started        121 192.168.2.5, 443, 49703, 49704 unknown unknown 30->121 123 239.255.255.250 unknown Reserved 30->123 51 chrome.exe 30->51         started        125 driver-updater-gcp.ff.avast.com 34.149.202.126, 443, 50044, 50126 ATGS-MMD-ASUS United States 32->125 127 siteintercept.qualtrics.com 32->127 129 siteintercept.qprod2.net 32->129 91 C:\Program Files\CCleaner\gcapi_dll.dll, PE32+ 32->91 dropped 93 C:\...\gcapi_17324469293276.dll (copy), PE32+ 32->93 dropped 149 Query firmware table information (likely to detect VMs) 32->149 151 Disables Windows system restore 32->151 54 wa_3rd_party_host_64.exe 32->54         started        56 wa_3rd_party_host_32.exe 32->56         started        58 CCleaner64.exe 32->58         started        61 CCleanerCrashDump.exe 34->61         started        file10 signatures11 process12 dnsIp13 63 cmd.exe 42->63         started        65 conhost.exe 42->65         started        67 conhost.exe 45->67         started        69 conhost.exe 49->69         started        113 edge.gycpi.b.yahoodns.net 87.248.114.12, 443, 49960, 49977 YAHOO-ULSGB United Kingdom 51->113 115 s.twitter.com 104.244.42.195, 443, 50030, 50032 TWITTERUS United States 51->115 117 77 other IPs or domains 51->117 155 Reads the Security eventlog 54->155 157 Reads the System eventlog 54->157 71 cmd.exe 54->71         started        75 conhost.exe 54->75         started        77 conhost.exe 56->77         started        97 C:\...\gcapi_1732446922760.dll (copy), PE32+ 58->97 dropped 159 Query firmware table information (likely to detect VMs) 58->159 file14 signatures15 process16 file17 79 conhost.exe 63->79         started        81 powershell.exe 63->81         started        95 C:\Users\user\AppData\Local\...\OPSBBCA.tmp, ASCII 71->95 dropped 153 Bypasses PowerShell execution policy 71->153 83 conhost.exe 71->83         started        85 powershell.exe 71->85         started        signatures18 process19

      Screenshots

      Thumbnails

      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


      windows-stand

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      lw2HMxuVuf.exe0%ReversingLabs

      Dropped Files

      SourceDetectionScannerLabelLink
      C:\Program Files\CCleaner\CCUpdate.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleaner.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleaner64.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerBugReport.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerCrashDump.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerDU.dll0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerPerformanceOptimizer.dll0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerReactivator.dll0%ReversingLabs
      C:\Program Files\CCleaner\CCleanerReactivator.exe0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1025.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1026.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1027.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1028.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1029.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1030.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1031.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1032.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1034.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1035.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1036.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1037.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1038.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1040.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1041.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1042.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1043.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1044.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1045.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1046.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1048.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1049.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1050.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1051.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1052.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1053.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1054.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1055.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1056.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1057.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1058.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1059.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1060.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1061.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1062.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1063.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1065.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1066.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1067.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1068.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1071.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1079.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1081.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1086.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1087.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1090.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1092.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1093.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1102.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1104.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1109.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1110.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-1155.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-2052.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-2070.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-2074.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-3098.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-5146.dll0%ReversingLabs
      C:\Program Files\CCleaner\Lang\lang-9999.dll0%ReversingLabs
      C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll0%ReversingLabs
      C:\Program Files\CCleaner\gcapi_17324469042992.dll (copy)0%ReversingLabs
      C:\Program Files\CCleaner\gcapi_1732446922760.dll (copy)0%ReversingLabs
      C:\Program Files\CCleaner\gcapi_17324469293276.dll (copy)0%ReversingLabs
      C:\Program Files\CCleaner\gcapi_dll.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwaapi.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwaheap.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwalocal.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwaresource.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwautils.dll0%ReversingLabs
      C:\Program Files\CCleaner\libwavmodapi.dll0%ReversingLabs
      C:\Program Files\CCleaner\uninst.exe0%ReversingLabs
      C:\Program Files\CCleaner\wa_3rd_party_host_32.exe0%ReversingLabs
      C:\Program Files\CCleaner\wa_3rd_party_host_64.exe0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ButtonEvent.dll3%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\INetC.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\System.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\UserInfo.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\a\asdk.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\g\gcapi_dll.dll0%ReversingLabs
      C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsDialogs.dll0%ReversingLabs

      Unpacked PE Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      No Antivirus matches

      Domains and IPs

      Contacted Domains

      NameIPActiveMaliciousAntivirus DetectionReputation
      ip-info-gcp.ff.avast.com
      		34.111.175.102
      		truefalse
        dev.visualwebsiteoptimizer.com
        		34.96.102.137
        		truefalse
          platform.twitter.map.fastly.net
          		146.75.120.157
          		truefalse
            spdc-global.pbp.gysm.yahoodns.net
            		54.246.144.89
            		truefalse
              stats.g.doubleclick.net
              		66.102.1.155
              		truefalse
                adobetarget.data.adobedc.net
                		66.235.152.221
                		truefalse
                  scontent.xx.fbcdn.net
                  		157.240.196.15
                  		truefalse
                    idsync.rlcdn.com
                    		35.244.154.8
                    		truefalse
                      t.co
                      		172.66.0.227
                      		truefalse
                        script.hotjar.com
                        		13.33.187.74
                        		truefalse
                          peso-1422535133.eu-west-1.elb.amazonaws.com
                          		52.209.8.105
                          		truefalse
                            www.google.com
                            		142.250.181.68
                            		truefalse
                              dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
                              		54.229.91.192
                              		truefalse
                                2w99epxhne.data.adobedc.net
                                		63.140.62.27
                                		truefalse
                                  mstatic.ccleaner.com
                                  		20.50.2.53
                                  		truefalse
                                    static-cdn.hotjar.com
                                    		18.66.102.106
                                    		truefalse
                                      star-mini.c10r.facebook.com
                                      		157.240.196.35
                                      		truefalse
                                        ipm-gcp-prod.ff.avast.com
                                        		34.111.24.1
                                        		truefalse
                                          s.twitter.com
                                          		104.244.42.195
                                          		truefalse
                                            wndc1.outbrain.org
                                            		172.179.182.7
                                            		truefalse
                                              analytics-prod-gcp.ff.avast.com
                                              		34.117.223.223
                                              		truefalse
                                                ax-0001.ax-msedge.net
                                                		150.171.27.10
                                                		truefalse
                                                  streamback-cl1.ns1.ff.avast.com
                                                  		35.190.209.22
                                                  		truefalse
                                                    analytics-alv.google.com
                                                    		216.239.36.181
                                                    		truefalse
                                                      shepherd-gcp.ff.avast.com
                                                      		34.160.176.28
                                                      		truefalse
                                                        dcjdc5qmbbux7.cloudfront.net
                                                        		108.158.75.13
                                                        		truefalse
                                                          td.doubleclick.net
                                                          		172.217.19.2
                                                          		truefalse
                                                            driver-updater-gcp.ff.avast.com
                                                            		34.149.202.126
                                                            		truefalse
                                                              cdn.cookielaw.org
                                                              		104.18.87.42
                                                              		truefalse
                                                                geolocation.onetrust.com
                                                                		172.64.155.119
                                                                		truefalse
                                                                  edge.gycpi.b.yahoodns.net
                                                                  		87.248.114.12
                                                                  		truefalse
                                                                    static.ads-twitter.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      amplify.outbrain.com
                                                                      		unknown
                                                                      		unknownfalse
                                                                        license.piriform.com
                                                                        		unknown
                                                                        		unknownfalse
                                                                          emupdate.avcdn.net
                                                                          		unknown
                                                                          		unknownfalse
                                                                            siteintercept.qualtrics.com
                                                                            		unknown
                                                                            		unknownfalse
                                                                              cm.everesttech.net
                                                                              		unknown
                                                                              		unknownfalse
                                                                                ipm-provider.ff.avast.com
                                                                                		unknown
                                                                                		unknownfalse
                                                                                  driver-updater.ff.avast.com
                                                                                  		unknown
                                                                                  		unknownfalse
                                                                                    oms.ccleaner.com
                                                                                    		unknown
                                                                                    		unknownfalse
                                                                                      wave.outbrain.com
                                                                                      		unknown
                                                                                      		unknownfalse
                                                                                        static.hotjar.com
                                                                                        		unknown
                                                                                        		unknownfalse
                                                                                          trial-eum-clientnsv4-s.akamaihd.net
                                                                                          		unknown
                                                                                          		unknownfalse
                                                                                            c5.adalyser.com
                                                                                            		unknown
                                                                                            		unknownfalse
                                                                                              8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net
                                                                                              		unknown
                                                                                              		unknownfalse
                                                                                                assets.adobedtm.com
                                                                                                		unknown
                                                                                                		unknownfalse
                                                                                                  trial-eum-clienttons-s.akamaihd.net
                                                                                                  		unknown
                                                                                                  		unknownfalse
                                                                                                    winqual.sb.avast.com
                                                                                                    		unknown
                                                                                                    		unknownfalse
                                                                                                      connect.facebook.net
                                                                                                      		unknown
                                                                                                      		unknownfalse
                                                                                                        px.ads.linkedin.com
                                                                                                        		unknown
                                                                                                        		unknownfalse
                                                                                                          ipmcdn.avast.com
                                                                                                          		unknown
                                                                                                          		unknownfalse
                                                                                                            symantec.demdex.net
                                                                                                            		unknown
                                                                                                            		unknownfalse
                                                                                                              684d0d45.akstat.io
                                                                                                              		unknown
                                                                                                              		unknownfalse
                                                                                                                s.yimg.com
                                                                                                                		unknown
                                                                                                                		unknownfalse
                                                                                                                  service.piriform.com
                                                                                                                  		unknown
                                                                                                                  		unknownfalse
                                                                                                                    download.avira.com
                                                                                                                    		unknown
                                                                                                                    		unknownfalse
                                                                                                                      www.mczbf.com
                                                                                                                      		unknown
                                                                                                                      		unknownfalse
                                                                                                                        sp.analytics.yahoo.com
                                                                                                                        		unknown
                                                                                                                        		unknownfalse
                                                                                                                          s.go-mpulse.net
                                                                                                                          		unknown
                                                                                                                          		unknownfalse
                                                                                                                            symantec.tt.omtrdc.net
                                                                                                                            		unknown
                                                                                                                            		unknownfalse
                                                                                                                              shepherd.ff.avast.com
                                                                                                                              		unknown
                                                                                                                              		unknownfalse
                                                                                                                                cdn-production.ccleaner.com
                                                                                                                                		unknown
                                                                                                                                		unknownfalse
                                                                                                                                  www.nortonlifelock.com
                                                                                                                                  		unknown
                                                                                                                                  		unknownfalse
                                                                                                                                    analytics.avcdn.net
                                                                                                                                    		unknown
                                                                                                                                    		unknownfalse
                                                                                                                                      dpm.demdex.net
                                                                                                                                      		unknown
                                                                                                                                      		unknownfalse
                                                                                                                                        s1.pir.fm
                                                                                                                                        		unknown
                                                                                                                                        		unknownfalse
                                                                                                                                          analytics.ff.avast.com
                                                                                                                                          		unknown
                                                                                                                                          		unknownfalse
                                                                                                                                            www.facebook.com
                                                                                                                                            		unknown
                                                                                                                                            		unknownfalse
                                                                                                                                              www.linkedin.com
                                                                                                                                              		unknown
                                                                                                                                              		unknownfalse
                                                                                                                                                baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.net
                                                                                                                                                		unknown
                                                                                                                                                		unknownfalse
                                                                                                                                                  ncc.avast.com
                                                                                                                                                  		unknown
                                                                                                                                                  		unknownfalse
                                                                                                                                                    zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.com
                                                                                                                                                    		unknown
                                                                                                                                                    		unknownfalse
                                                                                                                                                      cdn-uat.ccleaner.com
                                                                                                                                                      		unknown
                                                                                                                                                      		unknownfalse
                                                                                                                                                        analytics.twitter.com
                                                                                                                                                        		unknown
                                                                                                                                                        		unknownfalse
                                                                                                                                                          snap.licdn.com
                                                                                                                                                          		unknown
                                                                                                                                                          		unknownfalse
                                                                                                                                                            ccleaner.tools.avcdn.net
                                                                                                                                                            		unknown
                                                                                                                                                            		unknownfalse
                                                                                                                                                              www.ccleaner.com
                                                                                                                                                              		unknown
                                                                                                                                                              		unknownfalse
                                                                                                                                                                analytics.google.com
                                                                                                                                                                		unknown
                                                                                                                                                                		unknownfalse
                                                                                                                                                                  ip-info.ff.avast.com
                                                                                                                                                                  		unknown
                                                                                                                                                                  		unknownfalse
                                                                                                                                                                    c.go-mpulse.net
                                                                                                                                                                    		unknown
                                                                                                                                                                    		unknownfalse
                                                                                                                                                                      tr.outbrain.com
                                                                                                                                                                      		unknown
                                                                                                                                                                      		unknownfalse

                                                                                                                                                                        Contacted URLs

                                                                                                                                                                        NameMaliciousAntivirus DetectionReputation
                                                                                                                                                                        https://connect.facebook.net/signals/config/2679475345708101?v=2.9.176&r=stable&domain=www.ccleaner.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113false
                                                                                                                                                                          https://ipm-provider.ff.avast.com/?action=1&p_elm=229&p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0&p_lex=-1&p_ccgd=0&p_ccod=0&p_ccdb=0&p_pctn=0&p_iau=0&p_qcm=0&p_hcm=1&p_sum=1&p_ost=0&p_scr=1&p_fid=20241124false
                                                                                                                                                                            https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2024%20Nov%202024%2011%3A15%3A25%20GMT&n=5&b=CCleaner%20v6.30.11385&.yp=10180940&f=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&enc=UTF-8&yv=1.16.5&tagmgr=gtm%2Cadobefalse
                                                                                                                                                                              https://analytics.twitter.com/i/adsct?bci=3&dv=America%2FNew_York%26en-US%2Cen%26Google%20Inc.%26Win32%26255%261280%261024%264%2624%261280%26984%260%26na&eci=2&event_id=f0466fac-a653-4a79-868b-04f8676bc357&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=1bd174fb-a78f-4078-9437-448582031ffa&tw_document_href=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o4ls7&type=javascript&version=2.3.31false
                                                                                                                                                                                https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/otPcCenter.jsonfalse
                                                                                                                                                                                  https://ipm-provider.ff.avast.com/?action=1&p_elm=0&p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0&p_lex=-1&p_ccgd=0&p_ccod=0&p_ccdb=0&p_pctn=0&p_iau=0&p_qcm=0&p_hcm=1&p_sum=1&p_ost=0&p_scr=1&p_fid=20241124false
                                                                                                                                                                                    https://winqual.sb.avast.com/V1/MDfalse
                                                                                                                                                                                      https://oms.ccleaner.com/b/ss/symanteccom/1/JS-2.22.0-LDQM/s18539589585813?AQB=1&ndh=1&pf=1&t=24%2F10%2F2024%206%3A15%3A21%200%20300&sdid=4523341CF3BE0AEE-41D4D261AA724F9B&mid=86915098161613896303235469939112226982&aamlh=6&ce=UTF-8&pageName=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&g=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cc=USD&server=norton&events=event69&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c2=us&c3=en&c8=D%3Dv163&c14=D%3Dv16&v18=ccleaner%3Aus%3Aknowledge%3Accleaner-v6-30-11385&v21=D%3Dc21&v27=D%3Dc2&v28=D%3Dc3&c35=D%3DpageName&c41=ccleaner&v41=D%3Dc41&c46=html&c47=page&v47=s_code_norton%202024-10-07&c48=CCleaner%20v6.30.11385&v48=D%3Dc49&c49=knowledge&v49=D%3Dc48&v57=86915098161613896303235469939112226982&c59=ccleaner%3Aknowledge%3Accleaner-v6-30-11385&v59=D%3Dc59&v72=ccleaner&c75=D%3Dv57&v96=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385&v164=ccleaner%3A999_a&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1034&bh=870&mcorgid=67C716D751E567F70A490D4C%40AdobeOrg&AQE=1false
                                                                                                                                                                                        https://c5.adalyser.com/adalyser.js?cid=ccleanerfalse
                                                                                                                                                                                          https://www.facebook.com/tr/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=GETfalse
                                                                                                                                                                                            https://tr.outbrain.com/cachedClickId?marketerId=001ac0827d67b7b38319c9517e7fa2f4ccfalse
                                                                                                                                                                                              https://driver-updater.ff.avast.com/api/v1/scanDrivers/false
                                                                                                                                                                                                https://dpm.demdex.net/ibs:dpid=411&dpuuid=Z0MKzAAAAHGmGQO-false
                                                                                                                                                                                                  https://static.hotjar.com/c/hotjar-857043.js?sv=6false
                                                                                                                                                                                                    https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.cssfalse
                                                                                                                                                                                                      https://shepherd.ff.avast.com/?p_lng=en&p_lid=en-us&p_ads=1&p_devrsrch=1&p_thrdprt=1&p_thrdtr=1&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_ubs=50&p_trs=0&p_alp=0&p_jar=0&p_cclic=&p_chcc=0&p_bld=mmm_ccl_012_999_a8k_m&p_dols=0&p_sols=0&p_pts=0&p_ftc=0&p_btc=0&p_pro=90&p_vep=6&p_ves=30&p_vbd=11385&p_osv=10.0&p_wsc2v_av=9011&p_gksw=0&p_chr=0&p_sbi=0&p_scbu=0&p_tos=0&p_bau=0&p_dvt=3&p_bsls=0&p_gis=0&p_fds=172544&p_cco=0&p_ccgx=0&p_cce=1&p_cced=0&p_ccnsv=0&p_ccnu=0&p_ccna=0&p_ccnl=0&p_lit=0&p_avt=cc-pro-trial&p_wvv=117.0.2045.47&p_age=0&p_tcy=0&p_pct=0&p_jct=0false
                                                                                                                                                                                                        https://cdn.cookielaw.org/scripttemplates/otSDKStub.jsfalse
                                                                                                                                                                                                          https://ip-info.ff.avast.com/v2/infofalse
                                                                                                                                                                                                            https://s.yimg.com/wi/ytc.jsfalse
                                                                                                                                                                                                              https://analytics.avcdn.net/receive3false
                                                                                                                                                                                                                https://c5.adalyser.com/tracking/track/v3/p?stm=1732446933112&e=lce1&url=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&cid=ccleaner&p=%7B%22et%22%3A1732446933109%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%221b678712-0cc8-486d-89d0-05e165f88b18%22%2C%22duid%22%3A%226a43d717-b772-42a5-badd-e897920af092%22%2C%22cw%22%3A1732446933109%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.0.0%20Safari%2F537.36&domain=www.ccleaner.comfalse
                                                                                                                                                                                                                  https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2679475345708101&ev=PageView&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&rl=&if=false&ts=1732446936663&sw=1280&sh=1024&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732446936660.65224446665965545&cs_est=true&ler=empty&cdl=API_unavailable&it=1732446935268&coo=false&dpo=&tm=1&rqm=FGETfalse
                                                                                                                                                                                                                    https://ipm-provider.ff.avast.com/?p_elm=76&action=1&p_age=0&p_bau=0&p_bsls=0&p_chcc=2&p_chr=0&p_dvt=3&p_fds=172544&p_gis=0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_lid=en-CH&p_lng=en&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_osv=10.0&p_pro=90&p_sbi=0&p_scbu=0&p_tos=0&p_vbd=11385&p_vep=6&p_ves=30&p_wid=1675281926false
                                                                                                                                                                                                                      https://ip-info.ff.avast.com/v1/infofalse

                                                                                                                                                                                                                        URLs from Memory and Binaries

                                                                                                                                                                                                                        NameSourceMaliciousAntivirus DetectionReputation
                                                                                                                                                                                                                        https://www.ccleaner.com/go/app_po_surveyContinueDemoViewSleepingProgramsPopup/PerformanceOptimizer/CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                          https://www.ccleaner.com/business/ccleaner-business-editionCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                            https://ccleaner.com/go/app_cc_license_agreementCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                              https://brain.jumpshot.com/avast/ss/reportjumpshot_silentscanresults://https://brain.jumpshot.com/avlw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpfalse
                                                                                                                                                                                                                                https://analytics.avcdn.net/omlw2HMxuVuf.exe, 00000000.00000002.2798976484.0000000005F25000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  https://www.avast.com/lp-ppc-nbu-fav-ccCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                    https://aefd.nelreports.net/api/report?cat=bingaotaklw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270300318.0000000006001000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2270401010.0000000005FF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      https://deff.nelreports.net/api/report?cat=msnlw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        https://sciter.com/docs/content/script/Array.htmCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                          https://analytics.avcdn.net/(CCleaner64.exe, 0000000E.00000003.2754172633.0000014794623000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                            https://www.ccleaner.com/docs/ccleaner/ccleaner-settings/choosing-which-cookies-to-keepCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                              https://s-trackoff.avcdn.net/trackoff/8ad1526a87b9617cf6dd677cdf9f87a0e3fd1555b6a8828d87ec2bef2850faCCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                https://install.avcdn.net/avg/iavs9x/avg_internet_security_setup.exeASWSig2A123D026AE3BEAC0AC7D4DC35lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                  http://p%03d.sb.avast.com/V1/MD/avast_streambackraw_%03d://CommChannelAddr_StreambackGetBodylw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpfalse
                                                                                                                                                                                                                                                    http://ccleaner.tools.avcdn.net/tools/ccleaner/update/20180205.dllCCUpdate.exe, 00000007.00000003.2570867815.0000000002FD0000.00000004.00000800.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                      https://analytics.avcdn.net/SCCleaner64.exe, 00000005.00000002.2562103985.00000197BE520000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                        http://p%03d.sb.avast.com/V1/MD/DoCCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                          https://honzik.avcdn.net/setup/avast-vpn/release/avast_vpn_online_setup.exeASWSig2A06FCDABA5742BE662lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                            http://ncc.avast.com/ncc.txterCCleaner64.exe, 00000005.00000002.2560641566.00000197BBFAA000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                              https://winqual.sb.avast.comCCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpfalse
                                                                                                                                                                                                                                                                https://piriform.zendesk.com/hc/en-us/articles/218109957-How-do-I-manage-browser-plugins-CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                  http://honzik.avcdn.net/setup/avast-tu/release/avast_cleanup_online_setup.exeASWSig2A4C1A1197A19B18Flw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                    http://files.avast.com/beta9x/avast_free_antivirus_setup_online.exeASWSig2A5549FF2866EA44F68D28FB2B1lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                      https://license.piriform.com/0lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                        https://s-trackoff.avcdn.net/avg/trackoff/7854df286ff1c4e1f4d81d466f4a1b0243b39837ac99c5b98817907f76CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                          https://install.avcdn.net/beta9x/avast_pro_antivirus_setup_online.exeASWSig2A579D90FED0C6441EE7B258Flw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                            https://shepherd.ff.avast.com/?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C493060833lw2HMxuVuf.exe, 00000000.00000003.2353823942.0000000003E08000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423373462.0000000003DFA000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                              http://crt.sectigo.com/SectigoPublicTimeStampingRootR46.p7c0#lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                  https://license.piriform.com//lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                    http://emupdate.avcdn.net/CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                      http://p%03d.sb.avast.com/V1/PD/Dolw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpfalse
                                                                                                                                                                                                                                                                                        https://license.piriform.com/product/v1/installcheck?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000002.2795450593.0000000003DF8000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2765729980.0000000003DF5000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423261870.0000000005F1F000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2440494807.0000000003DEF000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DED000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2580060589.0000000003DDB000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423373462.0000000003DFA000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2423145055.0000000003DEF000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                          https://winqual.sb.avast.com/.MDCCleanerBugReport.exe, 0000000B.00000003.2637778411.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2634530104.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000002.2650423766.000001D24E877000.00000004.00000020.00020000.00000000.sdmp, CCleanerBugReport.exe, 0000000B.00000003.2619892102.000001D24E877000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                            https://sciter.com/forums/topic/plus-custom-output-formatter-wont-work-if-they-are-written-in-htm/#pCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                              https://www.ccleaner.com/go/app_cc_help_preloadingCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                https://ccleaner.com/go/app_cc_privacy_data_factsheetCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D82E1000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                  https://ipm-provider.ff.avast.com/?p_elm=76&action=1&p_age=0&p_bau=0&p_bsls=0&p_chcc=2&p_chr=0&p_dvtlw2HMxuVuf.exe, 00000000.00000003.2242932198.0000000003DB5000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2371999463.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2336816159.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2354021661.0000000003DB2000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2242833936.0000000003DB2000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                    https://openid.avg.commy-devices.avast.comalpha-rollout-service.ff.avast.comhttps://openid.avast.comlw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpfalse
                                                                                                                                                                                                                                                                                                      http://emupdate.avcdn.net/files/emupdate/pong.txtsCCUpdate.exe, 00000007.00000002.2688383482.0000000000D00000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                        https://honzik.avcdn.net/setup/avast-bs/beta/avast_battery_saver_online_setup.exeASWSig2A3A3BE3789E6lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                          http://scripts.sil.org/OFLhttp://scripts.sil.org/OFLCopyrightlw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                            http://ccleaner.tools.avcdn.net/tools/ccleaner/updateCCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                              https://brain.jumpshot.com/avast/ss/jumpshot_silentscanresults2://https://brain.jumpshot.com/avast/sCCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                https://honzik.avcdn.net/setup/avast-bg/release/avast_breach_guard_online_setup.exeASWSig2A2457920CElw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                  http://www.ccleaner.com/ccleanerlw2HMxuVuf.exe, 00000000.00000003.2501478642.0000000005F26000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2501048660.0000000006530000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                    http://www.ccleaner.com/inapp/notificationsContent-Type:CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                      https://viruslab-samples.sb.avast.comCCleanerBugReport.exe, 0000000B.00000002.2666069416.00007FF66186A000.00000002.00000001.01000000.0000001A.sdmpfalse
                                                                                                                                                                                                                                                                                                                        http://crl.sectigo.com/SectigoPublicTimeStampingCAR36.crl0zlw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                          http://emupdate.avcdn.net/files/emupdate/pong.txt32.dllCCUpdate.exe, 00000007.00000002.2688383482.0000000000CC0000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                            http://www.zkysky.com.ar/Thislw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                              https://analytics.avcdn.net/dllCCleaner64.exe, 00000005.00000002.2562103985.00000197BE450000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                https://service.piriform.com/installcheck.aspx5.70.7909PrefsPrivacyShareData1stPartylw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                  https://aefd.nelreports.net/api/report?cat=bingrmslw2HMxuVuf.exe, 00000000.00000003.2284247616.0000000007700000.00000004.00000800.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2284247616.000000000772B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                    https://honzik.avcdn.net/setup/avast-bs/release/avast_battery_saver_online_setup.exeASWSig2A072492C0lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                      http://www.ccleaner.com/go/app_privacy?p=1&l=lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                        https://shepherd.ff.avast.com/Mozilla/4.0lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                          http://keys.backup.norton.comlw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                            http://ocsp.sectigo.com0lw2HMxuVuf.exe, 00000000.00000002.2785371893.000000000041E000.00000004.00000001.01000000.00000003.sdmp, lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000003265000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                              https://www.ccleaner.com/go/app_du_systemrestoreinfoCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                http://www.gimp.org/xmp/CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                  https://analytics.avcdn.net:443/receive3CCleaner64.exe, 00000005.00000002.2562103985.00000197BE450000.00000004.00000020.00020000.00000000.sdmp, CCleaner64.exe, 00000005.00000002.2562103985.00000197BE4BD000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                    http://www.avast.com0/lw2HMxuVuf.exe, 00000000.00000002.2793573066.0000000002B99000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2588880320.0000000000D65000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                      https://service.piriform.com/alw2HMxuVuf.exe, 00000000.00000002.2795133723.0000000003DA9000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2764150916.0000000003D9E000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                        https://www.ccleaner.com/go/app_du_surveyCCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                          https://secure.ccleaner.com/502/uurl-90zu4qtn5p?x-source=833CCleaner64.exe, 00000005.00000000.2508640115.00007FF7D8534000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                            http://ccleaner.tools.avcdn.net/tools/ccleaner/update/updates.xmlCCUpdate.exe, 00000007.00000002.2688383482.0000000000D15000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CC8000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000CEF000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000008.00000002.2527630454.000000000073F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                              http://domrep.ff.avast.com/http://api.webrep.avast.com/avast_webrepapi://http://ui.ff.avast.com/avaslw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                https://shepherd.ff.avast.com/lw2HMxuVuf.exe, lw2HMxuVuf.exe, 00000000.00000003.2440442999.0000000005F43000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                  http://%s:%d;https=https://%s:%dHTTP/1.0%u.%u.%u.%u01234567890123456789abcdef0123456789ABCDEFCONOUT$CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                    https://service.piriform.com/installcheck.aspx?p=1&v=6.30.11385&vx=&l=1033&b=1&o=10W6&g=0&i=1&a=0&e=lw2HMxuVuf.exe, 00000000.00000003.2501336799.0000000003DDC000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                      http://www.ccleaner.com/go/app_license?p=1&l=lw2HMxuVuf.exe, 00000000.00000002.2792248940.000000000092D000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                        http://www.ccleaner.com/go/app_license?p=1&l=1033&a=0lw2HMxuVuf.exe, 00000000.00000002.2794848571.0000000003D4C000.00000004.00000020.00020000.00000000.sdmp, lw2HMxuVuf.exe, 00000000.00000003.2766117669.0000000003D4C000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                          https://install.avcdn.net/iavs9x/avast_free_antivirus_setup_online.exeASWSig2A2EC0971AB07DE15C30023Clw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                            http://ccleaner.tools.avcdn.net/CCUpdate.exe, 00000007.00000003.2571029060.0000000000D31000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000002.2688383482.0000000000D31000.00000004.00000020.00020000.00000000.sdmp, CCUpdate.exe, 00000007.00000003.2571029060.0000000000D00000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                                                                                                                                                              https://honzik.avcdn.net/setup/avg-bg/release/avg_breach_guard_online_setup.exeASWSig2A14AA13983E189lw2HMxuVuf.exe, 00000000.00000002.2851079522.000000006C299000.00000002.00000001.01000000.00000007.sdmp, CCleaner64.exe, 00000005.00000002.2564460819.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmp, CCleaner64.exe, 00000005.00000000.2507611866.00007FF7D756B000.00000002.00000001.01000000.00000017.sdmpfalse

                                                                                                                                                                                                                                                                                                                                                                                World Map of Contacted IPs

                                                                                                                                                                                                                                                                                                                                                                                • No. of IPs < 25%
                                                                                                                                                                                                                                                                                                                                                                                • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                                                                                                                                                                • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                                                                                                                                                                • 75% < No. of IPs

                                                                                                                                                                                                                                                                                                                                                                                Public IPs

                                                                                                                                                                                                                                                                                                                                                                                IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                                                                                                                                                                34.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                		ipm-gcp-prod.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                35.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                		idsync.rlcdn.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                66.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                		stats.g.doubleclick.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                                                                                                                66.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                		adobetarget.data.adobedc.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15224OMNITUREUSfalse
                                                                                                                                                                                                                                                                                                                                                                                52.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                		peso-1422535133.eu-west-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                                                                                                                104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                		cdn.cookielaw.orgUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                		driver-updater-gcp.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                                                                                                                                63.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15224OMNITUREUSfalse
                                                                                                                                                                                                                                                                                                                                                                                172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                		geolocation.onetrust.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                239.255.255.250
                                                                                                                                                                                                                                                                                                                                                                                		unknownReserved
                                                                                                                                                                                                                                                                                                                                                                                		unknownunknownfalse
                                                                                                                                                                                                                                                                                                                                                                                52.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                63.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                		platform.twitter.map.fastly.netSweden
                                                                                                                                                                                                                                                                                                                                                                                		30051SCCGOVUSfalse
                                                                                                                                                                                                                                                                                                                                                                                54.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                		spdc-global.pbp.gysm.yahoodns.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                		star-mini.c10r.facebook.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                                                                                                                                20.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                		mstatic.ccleaner.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                                                                                                                18.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                		static-cdn.hotjar.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		3MIT-GATEWAYSUSfalse
                                                                                                                                                                                                                                                                                                                                                                                63.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                		2w99epxhne.data.adobedc.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15224OMNITUREUSfalse
                                                                                                                                                                                                                                                                                                                                                                                172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                		wndc1.outbrain.orgUnited States
                                                                                                                                                                                                                                                                                                                                                                                		7018ATT-INTERNET4USfalse
                                                                                                                                                                                                                                                                                                                                                                                142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                		www.google.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                		dev.visualwebsiteoptimizer.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                		ip-info-gcp.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                		analytics-alv.google.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                35.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                		streamback-cl1.ns1.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                54.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                		dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                		td.doubleclick.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		15169GOOGLEUSfalse
                                                                                                                                                                                                                                                                                                                                                                                108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                		dcjdc5qmbbux7.cloudfront.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                		unknownUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13414TWITTERUSfalse
                                                                                                                                                                                                                                                                                                                                                                                104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                		s.twitter.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13414TWITTERUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                		shepherd-gcp.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		2686ATGS-MMD-ASUSfalse
                                                                                                                                                                                                                                                                                                                                                                                150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                		ax-0001.ax-msedge.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                                                                                                                                                                                                                                34.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                		analytics-prod-gcp.ff.avast.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                                                                                                                                                                                                                                                                                87.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                		edge.gycpi.b.yahoodns.netUnited Kingdom
                                                                                                                                                                                                                                                                                                                                                                                		43428YAHOO-ULSGBfalse
                                                                                                                                                                                                                                                                                                                                                                                13.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                		script.hotjar.comUnited States
                                                                                                                                                                                                                                                                                                                                                                                		16509AMAZON-02USfalse
                                                                                                                                                                                                                                                                                                                                                                                157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                		scontent.xx.fbcdn.netUnited States
                                                                                                                                                                                                                                                                                                                                                                                		32934FACEBOOKUSfalse
                                                                                                                                                                                                                                                                                                                                                                                172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                		t.coUnited States
                                                                                                                                                                                                                                                                                                                                                                                		13335CLOUDFLARENETUSfalse

                                                                                                                                                                                                                                                                                                                                                                                Private

                                                                                                                                                                                                                                                                                                                                                                                IP
                                                                                                                                                                                                                                                                                                                                                                                192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                127.0.0.1

                                                                                                                                                                                                                                                                                                                                                                                General Information

                                                                                                                                                                                                                                                                                                                                                                                Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                                                                                                                                                                Analysis ID:1561836
                                                                                                                                                                                                                                                                                                                                                                                Start date and time:2024-11-24 12:13:13 +01:00
                                                                                                                                                                                                                                                                                                                                                                                Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                                                                                                                                                                Overall analysis duration:0h 13m 40s
                                                                                                                                                                                                                                                                                                                                                                                Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                                                                                                                                                                Report type:full
                                                                                                                                                                                                                                                                                                                                                                                Cookbook file name:default.jbs
                                                                                                                                                                                                                                                                                                                                                                                Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                                                                                                                                                                Number of analysed new started processes analysed:50
                                                                                                                                                                                                                                                                                                                                                                                Number of new started drivers analysed:0
                                                                                                                                                                                                                                                                                                                                                                                Number of existing processes analysed:0
                                                                                                                                                                                                                                                                                                                                                                                Number of existing drivers analysed:0
                                                                                                                                                                                                                                                                                                                                                                                Number of injected processes analysed:0
                                                                                                                                                                                                                                                                                                                                                                                Technologies:
                                                                                                                                                                                                                                                                                                                                                                                • HCA enabled
                                                                                                                                                                                                                                                                                                                                                                                • EGA enabled
                                                                                                                                                                                                                                                                                                                                                                                • AMSI enabled
                                                                                                                                                                                                                                                                                                                                                                                Analysis Mode:default
                                                                                                                                                                                                                                                                                                                                                                                Analysis stop reason:Timeout
                                                                                                                                                                                                                                                                                                                                                                                Sample name:lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                renamed because original name is a hash value
                                                                                                                                                                                                                                                                                                                                                                                Original Sample Name:5c48490b288fbb3b9d7b17aebc15b0f76edc4339029cadf91b28113111c2b20b.exe
                                                                                                                                                                                                                                                                                                                                                                                Detection:MAL
                                                                                                                                                                                                                                                                                                                                                                                Classification:mal42.spyw.evad.winEXE@75/464@185/41
                                                                                                                                                                                                                                                                                                                                                                                EGA Information:
                                                                                                                                                                                                                                                                                                                                                                                • Successful, ratio: 100%
                                                                                                                                                                                                                                                                                                                                                                                HCA Information:Failed
                                                                                                                                                                                                                                                                                                                                                                                Cookbook Comments:
                                                                                                                                                                                                                                                                                                                                                                                • Found application associated with file extension: .exe

                                                                                                                                                                                                                                                                                                                                                                                Warnings

                                                                                                                                                                                                                                                                                                                                                                                • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
                                                                                                                                                                                                                                                                                                                                                                                • Excluded IPs from analysis (whitelisted): 217.20.56.101, 192.229.221.95, 199.232.214.172, 23.196.100.148, 23.32.239.65, 2.19.198.19, 23.32.239.9, 23.32.239.40, 23.32.239.27, 23.32.239.33, 172.217.21.35, 172.217.19.238, 74.125.205.84, 2.20.41.211, 34.104.35.123, 142.250.181.46, 23.218.208.109, 172.217.19.234, 216.58.208.227, 23.195.38.175, 23.218.208.236, 172.217.19.10, 142.250.181.10, 142.250.181.138, 172.217.21.42, 172.217.19.170, 172.217.17.42, 142.250.181.74, 172.217.19.202, 172.217.17.74, 142.250.181.42, 142.250.181.104, 23.195.38.162, 34.252.214.6, 34.255.155.228, 54.75.138.108, 23.218.209.87, 23.218.209.109, 92.122.17.81, 23.32.239.35, 2.19.198.11, 13.107.42.14, 104.17.208.240, 104.17.209.240, 23.54.81.202, 23.54.81.176, 2.20.68.230, 2.20.68.209, 2.20.68.96, 2.20.68.91, 184.30.24.251, 172.217.17.35
                                                                                                                                                                                                                                                                                                                                                                                • Excluded domains from analysis (whitelisted): license.piriform.com-v2.edgekey.net, slscr.update.microsoft.com, cn-assets.adobedtm.com.edgekey.net, clientservices.googleapis.com, a1024.dscg.akamai.net, fs-wildcard.microsoft.com.edgekey.net, service.piriform.com-v1.edgekey.net, l-0005.l-msedge.net, a248.b.akamai.net, clients2.google.com, ocsp.digicert.com, ipmcdn.avast.com.edgekey.net, e16604.g.akamaiedge.net, emupdate.avcdn.net.edgesuite.net, update.googleapis.com, e13363.dsca.akamaiedge.net, www.google-analytics.com, ip46.go-mpulse.net.edgekey.net, tools.avcdn.net.edgesuite.net, www.ccleaner.com.edgekey.net, fonts.googleapis.com, fs.microsoft.com, content-autofill.googleapis.com, cm.everesttech.net.akadns.net, www.nortonlifelock.com.edgekey.net, cdn.avira.com.edgekey.net, od.linkedin.edgesuite.net, wildcard.outbrain.com.edgekey.net, e13223.dscd.akamaiedge.net, wildcard46.akstat.io.edgekey.net, s1.pir.fm.edgekey.net, edgedl.me.gvt1.com, wildcard46.go-mpulse.net.edgekey.net, e10883.g.akamaiedge.net, clients.l.g
                                                                                                                                                                                                                                                                                                                                                                                • HTTPS sessions have been limited to 150. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                                                                                                                • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                                                                                                                                                                • Report creation exceeded maximum time and may have missing disassembly code information.
                                                                                                                                                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing disassembly code.
                                                                                                                                                                                                                                                                                                                                                                                • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtEnumerateValueKey calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                                                                                                                                                                                                                                • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                                                                                                                                                                • VT rate limit hit for: lw2HMxuVuf.exe

                                                                                                                                                                                                                                                                                                                                                                                Simulations

                                                                                                                                                                                                                                                                                                                                                                                Behavior and APIs

                                                                                                                                                                                                                                                                                                                                                                                TimeTypeDescription
                                                                                                                                                                                                                                                                                                                                                                                06:14:20API Interceptor3x Sleep call for process: lw2HMxuVuf.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:14:52API Interceptor8x Sleep call for process: CCUpdate.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:14:57API Interceptor2x Sleep call for process: CCleanerBugReport.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:14:57API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:14:58API Interceptor1448x Sleep call for process: CCleaner64.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:15:25API Interceptor14x Sleep call for process: wa_3rd_party_host_32.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:15:47API Interceptor47x Sleep call for process: wa_3rd_party_host_64.exe modified
                                                                                                                                                                                                                                                                                                                                                                                06:15:49API Interceptor11x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                                                                                                                                                                12:14:50Task SchedulerRun new task: CCleaner Update path: C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                12:14:53Task SchedulerRun new task: CCleanerCrashReporting path: C:\Program Files\CCleaner\CCleanerBugReport.exe s>--product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a" --version "6.30.11385" --silent
                                                                                                                                                                                                                                                                                                                                                                                12:14:53Task SchedulerRun new task: CCleanerSkipUAC - user path: "C:\Program Files\CCleaner\CCleaner.exe" s>$(Arg0)
                                                                                                                                                                                                                                                                                                                                                                                12:15:28AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run CCleaner Smart Cleaning "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                                                                                                                                                                                                                                                                                                                                                                                12:15:42AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run CCleaner Smart Cleaning "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR

                                                                                                                                                                                                                                                                                                                                                                                Joe Sandbox View / Context

                                                                                                                                                                                                                                                                                                                                                                                IPs

                                                                                                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                                                                                                Domains

                                                                                                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                                                                                                ASNs

                                                                                                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                                                                                                JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                                                                                                Dropped Files

                                                                                                                                                                                                                                                                                                                                                                                No context

                                                                                                                                                                                                                                                                                                                                                                                Created / dropped Files

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCUpdate.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):829408
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.800568588224169
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24576:Jjtgw77IpNyggggMrSQ5hEGnh0lhSMXlLtBq7ZnP:JjtgI6yggggMrSQ52bbq7ZnP
                                                                                                                                                                                                                                                                                                                                                                                MD5:943A4F169E9A3303ED6DEFC1AC3690BD
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E0BD76B866624164C10B85D37EFB6474B84164DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E531742A357907248DE84B99F68ED7E8EDD70E7CA918D21B24CC17EE4C128240
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DA29CAFDD63FD3AB3D2378FC6C2810D7579EBD6B62A4F99248458094CD2E42DC0071B83F0AEE4185CA1C81139DEC2991212AC383D77A737937558BBCB29D688C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$.......>...z..Nz..Nz..N...Ou..N...O...N...O{..N...O{..N|Y.N...N|Y.Oo..N|Y.O!..N|Y.Of..N...Oa..N,..O{..N..O}..Ns.iNx..N...OY..Nz..N...Nz..N|..N.Y.O...N.Y.O{..N.Y.N{..Nz.mNx..N.Y.O{..NRichz..N........................PE..L......f...............&.0...R.......m.......@....@.................................k6....@.....................................@....0...............b...E...P..PZ.../......................@0..........@............@..@............................text..../.......0.................. ..`.rdata.......@.......4..............@..@.data....9..........................@....rsrc........0......................@..@.reloc..PZ...P...\..................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleaner.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):39135536
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.003580998784026
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:393216:8ipxMIthENN5iDUh4vjikppuqc+prDJdMJgj91CuK56X3XXrqNHP+R5f8uUhSp0v:pfzm35h/EpQmDuHP+R5nUs1JK
                                                                                                                                                                                                                                                                                                                                                                                MD5:A2EE8E9ACC0C8F79953A42B213A9C201
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FB8A5483428B234EC93B188576302E08EBD01C26
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D401720722708EA86D4A4742BD901ADC4EA4EC79B5C84A0F0762228E60A0A1D1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:35554B1A1027083AE442F28B3E2842763D363D80ED040CDAED324D96E4721DC4D2005E62A571863E8180F4ACD1AF8E2E2D1084FB8E5A5A086DBC18891AEBFB21
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........h.;.;.;:.:..;:.:.;0..:.;..j;...;...:...;...:..;v.:1..;v.:.;...:.;+..:.;:.:..;...:...;...:.;:.:.;+..:.;#..:..;:.:..;...:.;...:.;...:...;#..:v..;...;.;.;...;.;...;...:...;...:.;..h;.;..;.;...:.;Rich.;........PE..L...j.+g...............&..4.."C.....p=.......04...@..........................pw.....o.V...@.....................................D........m..........H.T..*...Pd.....$Rd.T....................Rd.....hdK.@............04..............................text...,.4.......4................. ..`.rdata....W..04...W...4.............@..@.data...4.=.. ...h..................@....didat...............l..............@....rsrc....m.......n...p..............@..@.reloc.......Pd.. ....A.............@..B........................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleaner64.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):45359408
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.849456414833804
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:393216:ScuvG3ZMBUSk3wjrj2k7ZYlFT/d2KsXS9Wzc3NH/H0Nv9rqNRTuP+R4/uUhSp0DA:ScdZMSOraWzcS8TuP+R4GUs1J
                                                                                                                                                                                                                                                                                                                                                                                MD5:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                SHA1:96F0B55068BD679C716FECA1141A5CC27263D68E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:145412DADF8CBF182D46944CA561447FB6FF72F2A2221045D978EA2B5B752116
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8B8309352DE7BF1770C6209E8E79DFF0A745A31EAC67B06B9042B51E3018D58F0898384453CF1EDEE71A6978CF1E518C3E4FEF8B9367B53482B907E2A9DEF23E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Ir..Ir..Ir.....r.....Ar..O.?.Xr..O...]r..O...\r......r......Os......Ar......Jr.....Or..#...Hr......r.....Hr......p.....Vr......r..O....r..]...Mr..Ir..{r.....br.....Kr.....rr..Ir...w.....Or..#...&v..#...Hr..#.=.Hr..IrU.Mr..#...Hr..RichIr..................PE..d....+g.........."....&..u..xa.......1........@.............................`.......r....`.............................................L.......D....`6......'....H....*.......S......T.......................(......@.............u.x%..x........................text.....u.......u................. ..`.rdata..v.p...u...p...u.............@..@.data.....@..........n..............@....pdata.......'......D..............@..@.didat.......@6.....................@..._RDATA.......P6.....................@..@.rsrc.......`6.....................@..@.reloc...S.......T..................@..B................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerBugReport.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5983536
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.531659729408976
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:98304:OdUuCVAYLjl8O5wP2iAQCpeYKyYc9DYLceHGPOgok:Od7Cj8cSjABeYKyYc9DYLceHGmU
                                                                                                                                                                                                                                                                                                                                                                                MD5:0CD1F5CAD7DFED152434BD6CDA8D5094
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3BA5D6F2911F593B86C380DD0B09CA91CAC50884
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E40A85ABB7177A2849C18C19DFAFBF60C6E29CF372099D94704BADE006B9CCFF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:436C4970D3CEFF99AC234CEE2672D57866A9109E89A4F5F331F56FC554E7AD444DD54162F735C7CE81B5DD736F1189B9E9BF3BB46A8C6BBF0850F71517E6CCD4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$........LI..-'D.-'D.-'D._$E.-'D._"E.-'D..D.-'D.#E.-'D."E.-'D.$E.-'D.U.D.-'D.X#E.-'D.X#Ez-'D.X#E.-'D.-'D.-'D.X"E.-'D.X"E.-'D._#E.-'D._&E.-'D.-&D./'D...E.,'D..'E.-'D...D.-'D.-.D.-'D..%E.-'DRich.-'D................PE..d......f.........."....&..=..8.................@..............................\.....G+\...`.........................................`\O.....H]O.h....pZ......`W.P...H"[..*....[.(q...tG......................vG.(...@sG.@.............=.(............................text...\.=.......=................. ..`.rdata..0.....=.......=.............@..@.data...P.....O.......O.............@....pdata..P....`W.......V.............@..@_RDATA.......`Z.......Y.............@..@.rsrc........pZ.. ....Y.............@..@.reloc..(q....[..r....Z.............@..B........................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerCrashDump.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3509552
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.517946970487251
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:5cKPe8RmW6V0AXsxz4/tcwdneYP2X4oEngqPF7eVKgtMtchtq+0K1fy0TKJ2t6BD:5ZmX5ptZpnnV46BqQjq0
                                                                                                                                                                                                                                                                                                                                                                                MD5:A27D2E703C03AB74FE3CC5AF08365317
                                                                                                                                                                                                                                                                                                                                                                                SHA1:090B97B018D7CFDEDD2CFC6A1562096DB621B0F4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:987E2E453391E12F94D60D8078D0505E134CAB7441FB2E10EDF4276A12507B48
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:6AFD8747425C0CEB6C7AA4D1B31396B87137D330E8476F59C6C2903E606C217E7681586393D8E47F4D759157E7D127AB41E0FD2D4E4F149D973AE71D1D404EDF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$.......9@t>}!.m}!.m}!.m.S.lv!.m.S.l.!.m.S.la!.m{..m~!.m{..lo!.m{..li!.m{..l.!.mtY.m.!.m.T.l|!.m}!.mz!.m+T.l~!.m.S.ld!.m.T.lt!.m}!.m. .m...l.!.m...l|!.m...m|!.m}!.m.!.m...l|!.mRich}!.m........PE..d......f.........."....&.z ..j.................@.............................06.......5...`...........................................,.......,.......4.......3....Hb5..*....5..U..h.&.......................&.(...p.".@............. .`...p.,.@....................text...Lx ......z ................. ..`.rdata........ ......~ .............@..@.data........@,..4...&,.............@....pdata.......3......Z2.............@..@.didat..P.....4.......3.............@..._RDATA........4.......3.............@..@.rsrc.........4.. ....3.............@..@.reloc...U....5..V....5.............@..B........................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerDU.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13792048
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.602219681080678
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:393216:vPIf51SNtU0K1CHJ/zF3hBMFlpv/YpJ57:vdU0lL
                                                                                                                                                                                                                                                                                                                                                                                MD5:5BF154B314DD57993C85493E84D55072
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E7EE235D612CB4EFECAB411F457D09468E5A00D5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9FBE624E28CB0B257EE6132B62EA14CE15269AE560397B376C3E831A7ACAE880
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:340CA1DE0D64C2E90C5EB48AE7FA3E70E50A2D56C320094935AC9E3CA4D85FD428D665C758909C78E8044FC6AC60A13EDBF0E649BB0E65C95A280034CAA381F9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................X...........!..L.!This program cannot be run in DOS mode....$.........Q.D.?[D.?[D.?[..:Z..?[B+.[O.?[B+;ZU.?[B+:Z3.?[B+<ZV.?[..<ZT.?[..;Zc.?[M.[F.?[..;ZX.?[..;ZE.?[..:Z@.?[..;Z.?[D.?[t.?[..:Z..?[..>Zi.?[D.>[..?[.+6Z..?[.+?ZE.?[.+.[E.?[D..[E.?[.+=ZE.?[RichD.?[........................PE..d...!..f.........." ...&.....N<.....PSV.............................................?.....`A.........................................................0..........`*..HH...*...@..p[............................(......@............ ..X............................text...l........................... ..`.rdata..x@).. ...B).................@..@.data....z...p...p...H..............@....pdata..`*.......,..................@..@_RDATA....... ......................@..@.rsrc........0......................@..@.reloc..p[...@...\..................@..B................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerPerformanceOptimizer.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13565232
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.614378198624393
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:393216:dF1XjtiM89GGG90U++jqp3seseLzNylHJhUC8:dJ1/GmB+L
                                                                                                                                                                                                                                                                                                                                                                                MD5:9C5EDB363F42A178C6C88DFF30369593
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F83C5D7421234655B1C4DD754EABA0BBA62AE983
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0ED195A1C5B51866B7C554251F993B5F7DDF620294C28682DA069C54082CC46E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:777705015074C5704248C5461549F4E4385CFF2D63BE78DEB1B3B8D556E9CDADD2F61D035841D3633D7FD21A3B1B9C5707FB982A1A9A5305A5FE7D2098B285C2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................X...........!..L.!This program cannot be run in DOS mode....$.......P......................xN......x.......x..y....x................0..... .....B............................B...*..............$......?..........~x......~x......~xL.......$.....~x......Rich....................PE..d.....}f.........." ...&.....B:......%W...................................... .......=....`A........................................................0..........J..H....*......XS............................(......@............................................text............................... ..`.rdata..xP'......R'.................@..@.data..............................@....pdata...J.......L..................@..@_RDATA....... ......................@..@.rsrc.......0......................@..@.reloc..XS.......T...~..............@..B................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1087792
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.644513170159043
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24576:gDK1+JFqgjYaIsw6MCqDDch0lhSMXl0u7Bhdu5V+X7:gpJFqu0sw6bSDht0n+
                                                                                                                                                                                                                                                                                                                                                                                MD5:8D317E02B420A30BAF4CE55B2A2D9091
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2EB8986015D99F9C1D0C98941D10CBD803EB678D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3074F824850FA8B4F001DC6F8016F2D441CB857CEBE0F4F1DC0ED80FBCEE2687
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E596713C15A1E25A8DF486652B068CC9FD28B34714B563403B57E6E680782554E0639FB5919058658CDB8DD8BA762C470FE14627FCB7920993A4D96B8C2398D1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$............`i..`i..`i...j..`i...l.m`i...m..`i..`i..`i...m..`i...j..`i...l..`i...l..`i...h..`i..`h.y`i...`..`i....`i..`...`i...k..`i.Rich.`i.........................PE..d.....+g.........."....&.............".........@..........................................`.....................................................<............P..4b..Hn...*.......... ...T.......................(....V..@............ ..0.......@....................text............................... ..`.rdata....... ......................@..@.data............>..................@....pdata..4b...P...d..................@..@.didat..0............:..............@..._RDATA...............<..............@..@.rsrc............ ...>..............@..@.reloc...............^..............@..B................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerReactivator.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2340656
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.524905634480361
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:3Bng1aj4rCRJlNsF9XTmKk7s/OXjuvkC1TcyOJhQ:Ng1aDJlc8n7+
                                                                                                                                                                                                                                                                                                                                                                                MD5:249254A30D1E371E35E70E8D0B2AB1DC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3A2391DB198062507FB0F80F20BD8244A470D660
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0B50A1D8B58A92AC78E8294E318224A140085F61EAF04C2777792905765B30E6
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F7449AF8E1EBC328544F80FF85CF015C0EF856C6F5943AC73A308CFC34C5CEA860574EBF867E5A1F08A853454A33DD89A2815EFC7DEFAA9A5C7ECB4C14C1678C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.......................6.......6...G...6........}......}.......}.......}............'.......................6...........Q....}..7....}.......}..............}......Rich............PE..d.....}f.........." ...&.....n......P........................................P$.....!.#...`A..........................................................#......`".L...H.#..*....$..?.. ...........................(......@...............X............................text............................... ..`.rdata..............................@..@.data........@.......$..............@....pdata..L....`".......!.............@..@_RDATA.......p#.......".............@..@.rsrc.........#.......".............@..@.reloc...?....$..@...L#.............@..B........................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\CCleanerReactivator.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):193328
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.8300061914770005
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:xCvXmthjRa7YzodSub8J0ta8cs0nBiZOuaS+UKy/oPyIRNogaNDCOSp3CvdHOcJH:xC+7jRaWoMub8iHP0Bqot686BSpwlrJH
                                                                                                                                                                                                                                                                                                                                                                                MD5:028192452CDDAE8BD74218442D32B211
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F49999EB74FB608EAF9D3A0F34DFA642886D1C36
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:93C0481904553617C15BA446837D68B1A37CA97BC3B4FA4F5DE0C45A589C093D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:42FED23B0733983E7E71F7E82C140D51FAF7C98975E9047BD02BB768800126F3121673A6DE0D286013252FAB7F8256B2747E04EFE47B025C18BBD3E44F2244EE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........k..V...V...V...x......V...W...P...F...P...Y...x..Q...x..Z...x..U...P...}...V.......<...W...<...W...V.t.W...<...W...RichV...........PE..d....+g.........."....&.......................@.....................................L....`.....................................................(.......X...........H....*......X....y..p...............................@...............`...$...@....................text...P........................... ..`.rdata..............................@..@.data...............................@....pdata..............................@..@_RDATA..............................@..@.rsrc...X........ ..................@..@.reloc..X...........................@..B................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\DUState.dat

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):128182
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.296051260337115
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:RTrYGF01b0B/Pwhu6kxXhqgkTIhuMbTU19m:RTrYGF01bY/PwhuBUIPb4m
                                                                                                                                                                                                                                                                                                                                                                                MD5:C1147F01A544B504E63C2060A815B567
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5AD834A27DD6E88F70B424E7D85F64F8BB8F1A94
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B62183D748A9AB166BF87A43A2EBC5E066B22CCB897D613BD9FF356656428925
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E3B1A07840A7088F7AC3314D9FFE2D6DB603B5FA6BBE0951EDCD71892F626BF8E3D71DC8770DA6E4ADB1272B527E8D9BA964D497CD803117AA56B3B1EF261126
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{..."Backups" : [],..."DeviceList" : ...[....{....."childrenIds" : [],....."class" : "Monitor",....."classGuid" : "{4D36E96E-E325-11CE-BFC1-08002BE10318}",....."classIconName" : "Monitor",....."compatibleIds" : .....[......"*PNP09FF".....],....."connected" : true,....."containerId" : "{298580E3-E0E9-5B21-9699-52225753EF2E}",....."devType" : 34,....."deviceInst" : 11,....."driversList" : .....[......{......."cveIdentifiers" : [],......."description" : "(Standardmonitortypes)-GenericNon-PnPMonitor",......."downloadJobGUID" : "",......."driverDate" : 12975033600,......."driverDateFormatted" : "2012-03-01 00:00:00",......."driverKey" : "0",......."driverPackageId" : "1683643394-13199241",......."driverType" : 4,......."driverVersion" : "1.0.0.0",......."fix" : false,......."friendlyName" : "",......."hardwareId" : "",......."hidden" : false,......."ignored" : false,......."infFileName" : "gr276hl.inf",......."isDchDriver" : false,......."manufacturer" : "ACER",......."matchingId" : "1104E3

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-16-32-817.dat (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):128182
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.296051260337115
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:RTrYGF01b0B/Pwhu6kxXhqgkTIhuMbTU19m:RTrYGF01bY/PwhuBUIPb4m
                                                                                                                                                                                                                                                                                                                                                                                MD5:C1147F01A544B504E63C2060A815B567
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5AD834A27DD6E88F70B424E7D85F64F8BB8F1A94
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B62183D748A9AB166BF87A43A2EBC5E066B22CCB897D613BD9FF356656428925
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E3B1A07840A7088F7AC3314D9FFE2D6DB603B5FA6BBE0951EDCD71892F626BF8E3D71DC8770DA6E4ADB1272B527E8D9BA964D497CD803117AA56B3B1EF261126
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{..."Backups" : [],..."DeviceList" : ...[....{....."childrenIds" : [],....."class" : "Monitor",....."classGuid" : "{4D36E96E-E325-11CE-BFC1-08002BE10318}",....."classIconName" : "Monitor",....."compatibleIds" : .....[......"*PNP09FF".....],....."connected" : true,....."containerId" : "{298580E3-E0E9-5B21-9699-52225753EF2E}",....."devType" : 34,....."deviceInst" : 11,....."driversList" : .....[......{......."cveIdentifiers" : [],......."description" : "(Standardmonitortypes)-GenericNon-PnPMonitor",......."downloadJobGUID" : "",......."driverDate" : 12975033600,......."driverDateFormatted" : "2012-03-01 00:00:00",......."driverKey" : "0",......."driverPackageId" : "1683643394-13199241",......."driverType" : 4,......."driverVersion" : "1.0.0.0",......."fix" : false,......."friendlyName" : "",......."hardwareId" : "",......."hidden" : false,......."ignored" : false,......."infFileName" : "gr276hl.inf",......."isDchDriver" : false,......."manufacturer" : "ACER",......."matchingId" : "1104E3

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\StateHistory\DUState 2024-11-24 11-17-08-263.dat (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):128182
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.296051260337115
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:RTrYGF01b0B/Pwhu6kxXhqgkTIhuMbTU19m:RTrYGF01bY/PwhuBUIPb4m
                                                                                                                                                                                                                                                                                                                                                                                MD5:C1147F01A544B504E63C2060A815B567
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5AD834A27DD6E88F70B424E7D85F64F8BB8F1A94
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B62183D748A9AB166BF87A43A2EBC5E066B22CCB897D613BD9FF356656428925
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E3B1A07840A7088F7AC3314D9FFE2D6DB603B5FA6BBE0951EDCD71892F626BF8E3D71DC8770DA6E4ADB1272B527E8D9BA964D497CD803117AA56B3B1EF261126
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{..."Backups" : [],..."DeviceList" : ...[....{....."childrenIds" : [],....."class" : "Monitor",....."classGuid" : "{4D36E96E-E325-11CE-BFC1-08002BE10318}",....."classIconName" : "Monitor",....."compatibleIds" : .....[......"*PNP09FF".....],....."connected" : true,....."containerId" : "{298580E3-E0E9-5B21-9699-52225753EF2E}",....."devType" : 34,....."deviceInst" : 11,....."driversList" : .....[......{......."cveIdentifiers" : [],......."description" : "(Standardmonitortypes)-GenericNon-PnPMonitor",......."downloadJobGUID" : "",......."driverDate" : 12975033600,......."driverDateFormatted" : "2012-03-01 00:00:00",......."driverKey" : "0",......."driverPackageId" : "1683643394-13199241",......."driverType" : 4,......."driverVersion" : "1.0.0.0",......."fix" : false,......."friendlyName" : "",......."hardwareId" : "",......."hidden" : false,......."ignored" : false,......."infFileName" : "gr276hl.inf",......."isDchDriver" : false,......."manufacturer" : "ACER",......."matchingId" : "1104E3

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\StateHistory\InitialDUState V24_2.dat (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):128182
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.296051260337115
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:RTrYGF01b0B/Pwhu6kxXhqgkTIhuMbTU19m:RTrYGF01bY/PwhuBUIPb4m
                                                                                                                                                                                                                                                                                                                                                                                MD5:C1147F01A544B504E63C2060A815B567
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5AD834A27DD6E88F70B424E7D85F64F8BB8F1A94
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B62183D748A9AB166BF87A43A2EBC5E066B22CCB897D613BD9FF356656428925
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E3B1A07840A7088F7AC3314D9FFE2D6DB603B5FA6BBE0951EDCD71892F626BF8E3D71DC8770DA6E4ADB1272B527E8D9BA964D497CD803117AA56B3B1EF261126
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{..."Backups" : [],..."DeviceList" : ...[....{....."childrenIds" : [],....."class" : "Monitor",....."classGuid" : "{4D36E96E-E325-11CE-BFC1-08002BE10318}",....."classIconName" : "Monitor",....."compatibleIds" : .....[......"*PNP09FF".....],....."connected" : true,....."containerId" : "{298580E3-E0E9-5B21-9699-52225753EF2E}",....."devType" : 34,....."deviceInst" : 11,....."driversList" : .....[......{......."cveIdentifiers" : [],......."description" : "(Standardmonitortypes)-GenericNon-PnPMonitor",......."downloadJobGUID" : "",......."driverDate" : 12975033600,......."driverDateFormatted" : "2012-03-01 00:00:00",......."driverKey" : "0",......."driverPackageId" : "1683643394-13199241",......."driverType" : 4,......."driverVersion" : "1.0.0.0",......."fix" : false,......."friendlyName" : "",......."hardwareId" : "",......."hidden" : false,......."ignored" : false,......."infFileName" : "gr276hl.inf",......."isDchDriver" : false,......."manufacturer" : "ACER",......."matchingId" : "1104E3

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\203abf8c-03ea-4cb7-b490-fe04ea1c26bb

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):678
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.412974555972278
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:CUE/Wx1SHIcjJ7uoUIjIqBknVpjoz4s94reLemxLpC+:CUlU/jJwIjDBKD9sOeFq+
                                                                                                                                                                                                                                                                                                                                                                                MD5:808D4BC850FCB45A1BE566DDAB80275B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C9E1D0B8DB6B93C92BC6368F86EA53FAF1D2DD7B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C4EA0EBC8A88AE5FEBF7971B74B14CFE56CE65B047CA40E1CBE827B10AF59079
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:72AC4E94070E4CA10A5B59673440D31B7DDF052D220160CA2E3585406D85B1B5CCCE18620521C04C499ED4DA341FE915CDC9A896C3159A055CCCB4576B203A7F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:burgerdata..................................z..O...... ..eu.A.1..|[+............f...... ......R..e..otgHQ5.L......b..:................ ...*-5.....~5..~.....as.i..@..........D..Tix.. .-.......u..}.ni...a.&.h..........`..E.1..V.#..T..9..e..l.K...3R..!.."...../.1A.(...KN.'...}.Wg.(..k.Op....BT......{x..?....O.)q>(w..@.Jlr.F.2.;N...g5..<..c.Is..O......Wz.hA.C..V.'.e...\.9..}^Nn9S P.Ml.)...9S/..U..K..)............I.$.4.....d....u....7.pq....j.v2.....q.......'e.:N.5[...b.Z.C.....>Vdy..a..d...rO.n.T.....s|....k*sok....+........G.RL=...B0.fi..S..YJ.M",...\...Y...9.7....@V{7...-...@....8..*...`.[../?.....FrC6K{..{...bKZx*.&..l...h...y...Z.*...]nd

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):120
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.552910079649728
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:+xMaw+/pLsLy3Eu71/A9L6mTX8jusLRAp5CrlnTQ2P3:+HEO3u8XlU5Cr9TQ2P3
                                                                                                                                                                                                                                                                                                                                                                                MD5:2324F857905F75236034AAE280EF0F99
                                                                                                                                                                                                                                                                                                                                                                                SHA1:15D85293480957F2CE63BB084F0A6D0D1BFB0691
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7A129789948925B4496B94B792F5A9C6A08149696573619A5D828AABE8337247
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:AAD1B9B158F14E7B1EC9DDB8A9EF0CAE0BB28A857DD98DD8F66DE1F6171959BF481EDD28CFACC4F072B4C7A15A55EAD89E262019B61C4CE07A8CF4EAC68F54B6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..kktmdg20,1..kktmdg, Inc..&Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz ...*.Intel Corporation2.Intel 806f88..@.H.P.?X..`..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Data\usercfg.ini

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):131
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.908743280750074
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:tv+hrj+pEWh111p/ttTixWwBN7OCNGO4JgHLuZ:tmhX+tjFiJBNFNnbSZ
                                                                                                                                                                                                                                                                                                                                                                                MD5:2C2759F3DDAE8F6A7298B10B0A5A07F5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6F828372B5230D75A1488B50F2C835F8F4FF9857
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7A22568EF4E4B3212C21122D353A2BCD26AADA66D5CAB47166F2EFA777CA191B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:69EFD4B4AE83329EFA97FFADBB282290A290FABE4CD3C66C0F38BAD8297AED24FE9D218B16F3A1918D8BFFACF74B4081AB34B6138107E7B0EA4742534B69DF6A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...[DriverUpdater]..LastRestorePoint=0..LastRevert=0..LastScan=1732446979..LastUpdate=0....[GDPR]..thirdPartyAnalyticsEnabled=1..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\BugReport.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerBugReport.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5400
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.02187861072386
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:XuocFzjRoV7vNFG9kQdL7TZiysX4ysXBJFlEq5j0dJRUu:XuDdLsysoysL/0dJn
                                                                                                                                                                                                                                                                                                                                                                                MD5:CB2430FB4BDAB5BC1806620253FDD35C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:37A250B79F6D67CDD0C118133CA38D43BA11FDC3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1DEE0F99D5AD13018ABEC954B299AB4BD0CB296A1A52D38708539A6789D55BDA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8CED51B62363910F711546FE1C710530C2864E04EEA7DBCFE05C57F3F227A9BCEAF695A28CB36AC00F3A3C96F383ABA070CDE1E0327C0579437A37AF2DBCD399
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 314] BugReport started...[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 96] - valid package type found in [send]: 0..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 96] - valid package type found in [send]: 2..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 121] - setting [product] to 90..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 121] - setting [programpath] to C:\Program Files\CCleaner..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 121] - setting [version] to 6.30.11385..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 121] - setting [guid] to aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E748: 116] - setting [silent]..[2024-11-24 11:14:54.281] [notice ] [bug_report ] [ 5912: 6788] [60E74

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\BugReport.status

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerBugReport.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):146
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.060085190454672
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:AmNjKZikFx8cGYLXLNoDIEE4PZkHz5NvRUHqWqUSIhQpy:AmUi0zluDBXhVtqEhWy
                                                                                                                                                                                                                                                                                                                                                                                MD5:A795D25869E79D3BD459D5EAE53E623F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8C61CAB60A644D3CC1CE179C981FB5671AAFC4F9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2C6DC14652C53C4BE4F1A3B55F403002823EA0CF5CC406FC66E2D926B7AD9D5E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DE4B9D2D8E5D0EF134196C7793C23363E039941B808147560E0F70B159DA510677315D9B1297661B69F3711358FDDD63B9D6B52C6761520EFD4A9E884F4177C6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:1|C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp|17324535864083012|2..2|LogFilesWithReport-90-6.30.11385|17324536487631385|2..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\DriverUpdEng.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2311
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.000672779546997
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:RnNzhNkKOvNAGTL6SNDUlQNzTL6oNoUlANDo6NDcobFEdNDcNUlNoowNocobFEz8:tEL6hlsL6IlzMb721b6O
                                                                                                                                                                                                                                                                                                                                                                                MD5:0ED97D51CBEFCAAEB1159E09A33C52D8
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8D05678ABEAC46BB44F5B4DEA74421595BD8FEBF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F04CD327C2F1C31D696534A8889DAB0B6E0EEF1A0255D7A352D60AC9F3B2868B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A2E15F54CDE23C93D95CFC5B5AE002046C7520B69325D458BD01D129E2AEAAE64E019028A3BECAA80285E2E2435E06E6AE4B4C723C96874538B7536088DD1829
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:15:29.488] [info ] [DULib ] [ 3276: 7316] [3273A3: 38] [24.2.5234.0] [UpdateManager.cpp] [38] DriverUpdater::UpdateManager::UpdateManager: Initialize Update Engine..[2024-11-24 11:15:04.666] [info ] [DULib ] [ 2992: 7788] [3273A3: 38] [24.2.5234.0] [UpdateManager.cpp] [38] DriverUpdater::UpdateManager::UpdateManager: Initialize Update Engine..[2024-11-24 11:16:19.573] [info ] [DULib ] [ 3276: 1568] [CEF02C:1416] [24.2.5234.0] [DriverUpdater.cpp] [1416] DriverUpdater::DriverUpdaterImpl::logTask: Creating new SCAN Task..[2024-11-24 11:16:19.700] [info ] [DULib ] [ 3276: 7344] [CEF02C:2239] [24.2.5234.0] [DriverUpdater.cpp] [2239] DriverUpdater::DriverUpdaterImpl::Scan: Starting Scan..[2024-11-24 11:16:53.087] [info ] [DULib ] [ 2992: 6112] [CEF02C:1416] [24.2.5234.0] [DriverUpdater.cpp] [1416] DriverUpdater::DriverUpdaterImpl::logTask: Creating new SCAN Task..[2024-11-24 11:16:53.195] [info ] [DULib ] [ 2992: 7824] [CEF02C:223

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\DriverUpdEngTask.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.584962500721156
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:g:g
                                                                                                                                                                                                                                                                                                                                                                                MD5:ECAA88F7FA0BF610A5A26CF545DCD3AA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:57218C316B6921E2CD61027A2387EDC31A2D9471
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F1945CD6C19E56B3C1C78943EF5EC18116907A4CA1EFC40A57D48AB1DB7ADFC5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:37C783B80B1D458B89E712C2DFE2777050EFF0AEFC9F6D8BEEDEE77807D9AEB2E27D14815CF4F0229B1D36C186BB5F2B5EF55E632B108CC41E9FB964C39B42A5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\DriverUpdaterLib.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):7872
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.935578597738827
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:g+yNRFOpEyc36KwfeN6KwfeNacO+gzRNapYPNuexNueiRA:uznKKWesKWexCpPNuexNueiO
                                                                                                                                                                                                                                                                                                                                                                                MD5:3067C94472589E7702A31CE8DB522EA7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:47619196474087A7272AE57B97ACEFFC21C4947A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9A5C43CC6F5E89CD3F20055940604A7C840A9C04441A224869A78D6F805C7833
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1E5C6AC8061DA93CA5E31CC74839DF766898C1694A85C51A0B540DAAD1587A22DC5B86302F3D280C6A3342AA9D0B3646DA2338279AEFE76F65009799B72D378D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:15:29.410] [info ] [settings ] [ 3276: 7316] [9C0E0D: 405] paths.ini_store configuration is empty, settings ini store folder to asw::instup::GetDataDirectory...[2024-11-24 11:15:29.410] [info ] [files ] [ 3276: 7316] [BA3800: 221] watch task for C:\Program Files\CCleaner\Setup started..[2024-11-24 11:15:29.410] [warning] [ini_access ] [ 3276: 7316] [458A42: 187] failed to read ini file C:\Program Files\CCleaner\usercfg.ini.. Exception: couldn't open file.. Code: 0x00000002 (2)..[2024-11-24 11:15:29.410] [info ] [files ] [ 3276: 7316] [BA3800: 221] watch task for C:\Program Files\CCleaner started..[2024-11-24 11:15:29.410] [info ] [files ] [ 3276: 7316] [BA3800: 141] watch task termination for C:\Program Files\CCleaner requested..[2024-11-24 11:15:29.410] [info ] [files ] [ 3276: 7316]

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\DumpProcess.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerCrashDump.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1350
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.758975628260921
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:tuqjV8xZ0h0pq0h7uOC30h7uAFM5VVvhq/FtjM7dC3M79I:1Wxw0pKbKK1VE/FtAs8q
                                                                                                                                                                                                                                                                                                                                                                                MD5:C90C697BDFF69F729F9A20369A17DBF7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:AA4072BFCCA15C7B23A1799C3391A3FEAE8F5992
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:82405323D21A88D259C01B377527B6E3FC499256DCA89B0057C0B28273889CE5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7AD2BD8794C174FF3678AD4ACD946527093066B99FED01A3821C223187057A8D59D41BE0A45CB1C78AFA5643139A81A314F517A9F70E920E3FBC00CBF09B5116
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:14:53.527] [info ] [dump ] [ 320: 768] [BA3DC1: 185] Dumpmaster is arming...[2024-11-24 11:14:54.590] [info ] [dump ] [ 320: 768] [A27714: 215] Dump written with flags: 0x41964..[2024-11-24 11:14:54.637] [info ] [dump ] [ 320: 768] [BA3DC1: 233] Successfully dumped process 1272 into 'C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp' (dump level: 0x15)..[2024-11-24 11:14:54.637] [info ] [log_module ] [ 320: 768] [85DA1B: 31] LogModule is going to be destroyed...[2024-11-24 11:14:54.637] [info ] [log_module ] [ 320: 768] [85DA1B: 32] =====================================================================================================================..[2024-11-24 11:15:56.494] [info ] [dump ] [ 4416: 7064] [BA3DC1: 185] Dumpmaster is arming...[2024-11-24 11:15:56.494] [notice ] [dump ] [ 4416: 7064] [BA3DC1: 239] Minimum interval between dumps (60 minutes) was not yet reached as last dump was created

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\2bab7519-4020-4dae-a822-3e7f39e8fa82

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):614
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.317029308895557
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:CUE1O+pyMHFCDZH+XuNr1Wewnvr7e8HDi2HPkMOx9R8a2+CELW:CUz+IMoD1jG7DDi28VLBCUW
                                                                                                                                                                                                                                                                                                                                                                                MD5:E7E97443683D8F9D56378A3162C78FD4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7F6138C2A2EBEA0F2A040B878BCCEBC8086352E3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F8A921D19DF88197825777F590DA0447005506881925E3B36C2AA5D24CB3F7F8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1AABC92144B2D4946EE0FF9BC0ADCA032DE4E9540EED3AB133E65484B701910958C77C66D7D85F5EA6908FE087052037B17AFEDF3E4E7285680E9DA1484D9276
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:burgerdata..................................z..O...... ..eu.A.1..|[+............f...... ...z.....:.|^.r.}....b.....0?..{............ ......dN?....,/..:......b..%J<.].-p.......;. m..I.v....M>bWS<..........T."}.(o...:..DA...b....6.e6.PEX.....\/...`...m5mm.........!.....S.{...k..Z.H]..U......n.-..q.8.KaK..oM.........+}...7.=......@..6e.E\...R..f..W.....no...Eh..3.@..*8j... .I]...8y.O.h...L'....f.i.O.v...Y[.......Q>g..........U"h!.Z......P..c.O.K^(.pv..|.......^Y.Bo......3.?..\...3......`q`.~..6A...._G.& A@...[...wb.....q.....Y..<...3..Y....!.[...J..&..=xa.....|nv.O{`CA

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):120
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.552910079649728
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:+xMaw+/pLsLy3Eu71/A9L6mTX8jusLRAp5CrlnWQ2P3:+HEO3u8XlU5Cr9J2P3
                                                                                                                                                                                                                                                                                                                                                                                MD5:F6577123CBE77818E86A1EA6385A3D7C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2C27475A7DAA7C1F054472970AF75AF72BE78836
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9206F4D795C9E3C6677129FD307BCD32E47795DD12C830F9B3C9E6151965B8F4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:26C373A40E89309039C93C8E7CA95D74B81BE35801C2B67E2C1AAFC8EBD04B9911AD19DB716CC5925AB831206E4C1D1CF91D602F5A832893E99682D40EC79888
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..kktmdg20,1..kktmdg, Inc..&Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz ...*.Intel Corporation2.Intel 806f88..@.H.P.?X..`..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\event_manager.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):107
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.936554754702005
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Sq7UNLTN4EAsFuTgHQXL4WGFS84mSj//LfMTEHM:tCBAkuTT74VSN3r8
                                                                                                                                                                                                                                                                                                                                                                                MD5:7433F033BE94BD48CB1BBBA50E64144F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5AFF075C76E59DE7EF0B372160BFAE3271B6EBB8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:89CBE29158AAC9795B27FEACDED60B54264EF07512DE353089C55CF6CD838B68
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:824E75A366F2F0647DD3894AD3978042AA95763C0ACB407214FC254D9AF455B8180B7A476C182E84F5FDD446DB2F5A2A35C833C94E1E30699FB2BE32ED242D31
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:15:43.628] [error ] [evnt_burger] [ 5536: 7492] [D517EC: 57] Exception: Invalid brand..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\pd.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4409
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.207137420290755
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:p2/YMRl+SWMRlRrERle2jeETSZXZzwjmVYYW:6Tq/jeETSDzwjmV4
                                                                                                                                                                                                                                                                                                                                                                                MD5:4F81805D7E5948DED9F375D7423A7E49
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0800C443A0E06D8C53CCA1A5BB4EFE0E272F2883
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:00BE72A91001F9A3DFCF2CD869F54067C8AC4C1299D38999119145A9976D7731
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0A3145872F76A1AB20DC12A5C9C9D5A98912C28551954176A1A214E67EED0C51064B2E6BD42E132051C38B7561F79B000D91F24336591C8203E3EDBD33D67E7B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:15:25.110] [info ] [pdsdk ] [ 5536: 4160] [A31F42: 86] Logger initialized..[2024-11-24 11:15:25.110] [info ] [pdsdk ] [ 5536: 4160] [A31F42: 106] CreateEnvironment finished successfully..[2024-11-24 11:15:25.188] [info ] [prgdeact ] [ 5536: 7996] [1CAFB8: 122] [24.1.46.0] [tuprogramdeactivatorcore.cpp] [122] tupp::ProgramDeactivatorCore::Init::<lambda_1>::operator (): Initializing ProgramDeactivator....[2024-11-24 11:15:25.203] [info ] [settings ] [ 5536: 2672] [583441: 405] paths.ini_store configuration is empty, settings ini store folder to asw::instup::GetDataDirectory...[2024-11-24 11:15:25.203] [info ] [files ] [ 5536: 2672] [7DFCDD: 221] watch task for C:\Program Files\CCleaner\Setup started..[2024-11-24 11:15:25.203] [warning] [ini_access ] [ 5536: 2672] [8EEBFA: 180] failed to read ini file C:\Program Files\CCleaner\settings.ini.. Exception: couldn't open

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\su_adapter.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with very long lines (820), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19545
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.146216885939712
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:jbfousuG5DZNGvkkousubDZUMUt7aSxIHNFwnwUNdKunPv7vZ0xNIqvpnb:jbAusp3Gvkzu5GMUne
                                                                                                                                                                                                                                                                                                                                                                                MD5:02E7E0B213261B1C83165006EA455E1B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8D9926E6440E29B599457982B1D6F8F80B140727
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0607D990B8EA93AEB12F845A10F82D01163477E0E055CB3494F0A5EFEFD8A915
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5A4C7288D58FA6A49F5C5F0877E32CE21D9D2AF5C69D8F6C03D805CF7DCE6AA1DCD63072F9B7ECD18E9B9E16196C6265D3EED19760CCE71DDD3E0429E5877F4D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:16:16.279] [info ] [sw_updater ] [ 3276: 1568] [98DA86: 105] asw::su_adapter::detail::SUAdapterModule::Initialize:{"data":{"customLogDirectory":"C:\\Program Files\\CCleaner\\LOG","dataDirectory":"C:\\Program Files\\CCleaner\\Data\\su_data","disableBugReporting":false,"enableDebugLogging":false,"opswatCachePath":null,"opswatCdnUrl":"https://download.avira.com/download/opswat-sdk-database/","opswatInvalidateCacheAfterHours":0,"opswatMockupMode":false,"opswatUseCache":null,"opswatWebRequestTimeoutSeconds":30},"signature":"9A72A4B6-3419-4C56-81AD-866403B280F6","type":"struct asw::su_adapter::data::InitializationParams"}..[2024-11-24 11:16:16.279] [info ] [sw_updater ] [ 3276: 3380] [98DA86: 105] asw::su_adapter::detail::SUAdapterModule::StartScan:{"data":{"exclusions":["tp3149","tp848","tp3197","tp2434","tp921","tp236","tp468","tp471","tp2867","tp569","tp570","tp1339","tp2843","tp2594","tp3009","tp1373","tp311","tp571","tp1434","tp2571","tp2845","tp2979","tp2047","tp4

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\su_controller.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1005
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.065578145661365
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:tNeXUdLhINeXUdLONeXUdADiIDeaWQYYXQhIYXQOYXFDiIDeaWQP:je0Fye0se0yyavqPi9ya/
                                                                                                                                                                                                                                                                                                                                                                                MD5:3CA7E0093735D77E48D9B72664C3E3AB
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4C5111920008AD28CEAFC44EB98B13C7E05184B9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C9A1888DA183B0A4341D20753E3821FDEDB5FD8D36E764FBCD6E9E960F4BB2BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:440AE9BE67CEC64E71C750DA8DB9F7D6C4F987F485F389ACF65B3A745C4EFB7A8AFDAD810FBF3A38DEB1448A0606AB2EC978A17C09D4DB5ED55237562ACB68A0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.[2024-11-24 11:16:16.279] [info ] [sw_updater ] [ 3276: 1568] [98DA86: 96] asw::su_controller::detail::SUControllerModule::OnScanStateUpdated..[2024-11-24 11:16:16.279] [info ] [sw_updater ] [ 3276: 1568] [98DA86: 96] asw::su_controller::detail::SUControllerModule::OnDetectionsUpdated..[2024-11-24 11:16:16.279] [info ] [sw_updater ] [ 3276: 1568] [98DA86: 105] asw::su_controller::detail::SUControllerModule::StartScan:S-1-5-21-2246122658-3693405117-2476756634-1003,Nothing,Manual,,nullopt..[2024-11-24 11:16:55.931] [info ] [sw_updater ] [ 2992: 6112] [98DA86: 96] asw::su_controller::detail::SUControllerModule::OnScanStateUpdated..[2024-11-24 11:16:55.931] [info ] [sw_updater ] [ 2992: 6112] [98DA86: 96] asw::su_controller::detail::SUControllerModule::OnDetectionsUpdated..[2024-11-24 11:16:55.931] [info ] [sw_updater ] [ 2992: 6112] [98DA86: 105] asw::su_controller::detail::SUControllerModule::StartScan:S-1-5-21-2246122658-3693405117-2476756634-1003,Nothing,Manual,,null

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\su_telemetry.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.584962500721156
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:g:g
                                                                                                                                                                                                                                                                                                                                                                                MD5:ECAA88F7FA0BF610A5A26CF545DCD3AA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:57218C316B6921E2CD61027A2387EDC31A2D9471
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F1945CD6C19E56B3C1C78943EF5EC18116907A4CA1EFC40A57D48AB1DB7ADFC5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:37C783B80B1D458B89E712C2DFE2777050EFF0AEFC9F6D8BEEDEE77807D9AEB2E27D14815CF4F0229B1D36C186BB5F2B5EF55E632B108CC41E9FB964C39B42A5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerCrashDump.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Mini DuMP crash report, 19 streams, Sun Nov 24 11:14:54 2024, 0x241964 type
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):851968
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.4615036204883083
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:8QOBrUG854740cHXGI8g6lueUeuanMD9czIfDvq:8QOU0A8b2pDFDS
                                                                                                                                                                                                                                                                                                                                                                                MD5:30F77BC8BAEEC4632C5BB7041DDB5122
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C59A67388A8F9022ABC7BD879FA43BC578650013
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:32D85E6C450D9CCF2CDB9CAFC856431EE129877116032CCF17A967F88D381524
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CD7BB6B8754CAFA7AE2B7FB9BA9780CEB35FEAB50873ABDF6D8BAFEE77D31679A6DA690EC09734C0ECCCC43BA0893AD61B1A1605558500B196CAAFB13699C1BB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MDMP..a..... .........Cgd.$.............8.......L...,.......L$..x.......l....4..........05......D...y............3..................8...........T...<........~..6............8...........:......"...W...............................................................................eJ......|;......Lw......................T.............Cg.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.......................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1025.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):258248
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.238231022120357
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:rGYnpwJ5WckrG4m4xyOfF3VForEml34/s2O8sM10dOR25VvxXLn+TOq3jK5zeDxB:1LiEsHUFU7+
                                                                                                                                                                                                                                                                                                                                                                                MD5:DD572166DEA5DDD56DD98212FBB61E9B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:245354E05432A1C9F21B356BC8F56156A0E75B56
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B45A2DD27D5BFEB98BFAA9628330CDB3BF8B81ABE27DAD1A376857B863E96B54
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1C2E40EF7D5C5D4C8D43EC42539345A8B45A6150E39D5EB5E5E20B888BFD3D814954321247B77C05EC2C048E9F88B3C32D0DD2218F025500E5911D237BB3776B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1026.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):307912
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.124114562846376
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:DGOPYLFo0y2mxyNRtOdjJTmUDph4au4B7XI:H6m4ASUDJ/7XI
                                                                                                                                                                                                                                                                                                                                                                                MD5:B88E9F66E8A58B33979731FB1C22FFFA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C4F6CF0C229A4A64C44CD281C70482031AFB1740
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:36B9E82A3A049A95115AA02E47D68C9F1C0060703E145B73098E187A9F5B5208
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:ABEAAB008BC09D17044202E78D0AF69B01876EDCAF52371260123388A1B6B37DC224B6BEC751DC6364BBB60EA164C9C49D6F23AB02925153DF9316EBA32A3980
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................M.....@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...T...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1027.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):309960
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.638516074889062
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:cGarruphzAmGC0MUmqvn9vQ2iYHzNb0SlLwRPM36qWFnZY2We72sCEsAwo4c7F:hbAK0MUmqVNb0SlsqW7j7F
                                                                                                                                                                                                                                                                                                                                                                                MD5:3D2FA55ABFADC8BDF737D8E5044FD8D0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7AD0F586BD537292FFC54080D3C55F237FFF3815
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4B623360FCE24ACD0EC8318A7FBE1904C9A8DA1D7EAD933B79962873670B4C80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:77A7647426D123AF796E4A44ED6CA3C250FBA471EDB8CF8193324A9B77500848468BF7A42AA78D113FE0ED274EB5F2D1440CE5008D60FDFF45FA9784E90D6725
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................ 2....@.......................................... ..................*...........................................................................................rdata..............................@..@.rsrc....... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..X]...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1028.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):121032
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.456279670980851
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:bkGH/J14AsGyGT9bdz4MY4JUjAaV0zEwjHhAEil7kHJ7z:QGH7hf4MY4JzdLHRg4p7z
                                                                                                                                                                                                                                                                                                                                                                                MD5:BCB60C0BCC807E3FDE1F85C3FA29EB26
                                                                                                                                                                                                                                                                                                                                                                                SHA1:36B02963EF03D19BA9E3257E289FB5B64E372999
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BB0349E941CD709EA1493B0C0D1C6A8CACE7254A942478EB3690C2EED99D1B80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:22F03E966DA2A1E23E4A8342AF9F07571327D04530CFC4767CDF947C3787CEE3D38E1A9448B85EF0AFD3979FD2B62B5ED3295CDEEE53A021E56CF3A9CF829B2E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.............................................................K....@.......................................... ..P................*...........................................................................................rdata..............................@..@.rsrc...P.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...z...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1029.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):273096
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9684463483684898
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:SGqTV8w+1kxQxrTjEuq2mv4l0V13hcIYq80BJ0wonymZq1Mb2gxQI4F7k:WCW13rYQ7k
                                                                                                                                                                                                                                                                                                                                                                                MD5:094D2E84D6727C326D1E9EB73202BF0F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CBD7A76391D17FE692CAEA604FE0DF0E79F2ED7E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4CB8E195F0C9D2A3BE0013F943B7C9659518C0942422846041F2EE0B917676D7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BA19A2931D2DC53073EE504357D39FF3A313B0EE3A3AE8F00D06340B9496868CE01E2319DC2B6511D61FC3CDDB5B60BB5E3FEFA7B50584855FD9266AB5571EC9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................... ............@.......................................... ..8................*...........................................................................................rdata..............................@..@.rsrc...8.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1030.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):269000
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6921075933901903
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:/G1/BUUPjdtlpsCPH02R/CCzuo8JqT1oSo4amSZtTFgCIMginJMaf4D7x:OJrlphwmupgzaO7x
                                                                                                                                                                                                                                                                                                                                                                                MD5:EDBA49A4741FE915AC014EBF36DAFA44
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A230C9536AC71B9729A9F22C5C149D41B35EA12C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:97C1FED3FCD62004CECFCEAE9CBD3378DE012A3C8578C7324E2E17A1FCA413EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:666B7D2E74AE01E2D3D1A3E9F4E8E454A0AF065090E681FBB91E37BDE353C89FA91ED91AFAD075E0E41987363E2CA3C1CA6CBD34FA1FFEDA4A25FB02C4C70C85
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.. ....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1031.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):304328
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6905828050178866
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:cGZSkJn9KvgjvyvvWTChegDQhK7JUfRtR+ga9hI7AlfbamVXuNdIEhpg8XVLZkwj:Jy/VqEFzda9vpXFPnuV74
                                                                                                                                                                                                                                                                                                                                                                                MD5:A990C225284513AC9623743B627EA74F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:556E8C38E1A600038FA3FF2B06E6752F3C81C404
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CA9EB9002CF87DE204E99C0E13AD02903E3F374604C72758F922753B5805D3B2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DC1A7DDB3FD3F0B1AC22C2D58CDBCC6FB7499B61ECBF732453B9A46996AC0B503A50898C000504E2EFB2BF695BB18BC770208A81CBA84A97D098AEDAFABA5D77
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....x.......................................................1....@.......................................... ...u...........z...*...........................................................................................rdata..............................@..@.rsrc....u... ...v..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...G...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1032.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):318664
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.292064194598955
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:IG8BkC3TgkU7Z9vMQZO3MnoWX6r85dWORIqY4adqLDBBlKKSUG8ioi9rvxVJzAk9:vvM2+6ayY7B
                                                                                                                                                                                                                                                                                                                                                                                MD5:2FB2A79F84A4E19B903D8FDF48FA1FC3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0D68AD823B394ACBC2E0C1A0F74A24246AF0F2C0
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4D7CD8F52E951A298F01049C4CEAB4013E6D010A692348641E18B92DA7F1772D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1DA5035F1FB71829DD07BF441B3892BAC5AD3A710F7FB5EB95DF1664E73B32DE59445D5F5DE42E11CEA89795B98A899851501C5CE57CA0176DB33722C9D520B6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..x~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1034.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):303304
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.616693319198234
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:jyx+c99+JqLYRRDFPQivkhQHYhaWCGslwQ7S:Wdxo7S
                                                                                                                                                                                                                                                                                                                                                                                MD5:887BD13A2DE0EEEFE0D1096FFFF97861
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF117CBFFAD12BD30E3C162F2F5CEEBDC46D4E61
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3898B5EFBFD3321E668650CA9B0C87382C858E97B9665F5AF244FC11D3A67149
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7549AECD20C556FF973F21DD32CAB53100FBA33DAB8878F02492532973DBA2E444DC1DFC87DC4A96AE2BCAC3C91D48BC72E69FE648629F21BCB7C080CA43B3D1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....t.......................................................|....@.......................................... ...p...........v...*...........................................................................................rdata..............................@..@.rsrc....p... ...r..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...C...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1035.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.642505171783827
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:aGGm0iYKzLFQCBRLAEmW6WJM8LHxaMevPHZR/m2lki2/eqLyJ801IEaI88RTr+vE:lLFa8zx/2xWXBziBZp3w/sIYynYuPA7R
                                                                                                                                                                                                                                                                                                                                                                                MD5:59CB30843FAC4717B81F2AF566C40A93
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F378A49200AC579FD4205F7FF0EB8BDBE09C12DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:504011484D50C680919B2AA52FB8BE8D9B606E8676A7C0898FF3C2226D0E6337
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C757A7A43B30A59BACE7F0117601E2B98FBFCD1CE16C2EA0EF4A3C894C466A8A2148B8AA4F4127FFFEFF7DD9DF0A79C5730EC674337D3E8816B7ABC82B53D518
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......B.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..H....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1036.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315080
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6406219866654
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:QG4R/HQG0lY0HlRuz9ldM5f66FhC7Y57+n5lgsPJ+OTanfRcr0y6gvTJxiy4K7n:UUuSpFPQr+OgA7n
                                                                                                                                                                                                                                                                                                                                                                                MD5:77435194209F380F19002CCBF8607F3A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CFA76B162C7D74A9DA4468C06279DFCD9544C3EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7EB1935C13DE7FF82B932B475F007E0E1A22F1A74CCE9E3DF9C4E6E7386A3D8D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9FF05800FBB5521808A3C995BAF0EF8CEDA83BDDA7825375D9E0F07916ADBF5DF0BCA0D028E677A7B4979E325B13BFBDD994EA3AE5F639A617401066A82F14C5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................1.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0r...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1037.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):85192
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.772617184680359
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:/IbG/Ev7fV/QDGLu7rXc+yF3hN2qx8xg7keV7I:ABQDGLu7rqF3hNL8xg4eV7I
                                                                                                                                                                                                                                                                                                                                                                                MD5:A5573AE700BE6F965B3505878A4300DB
                                                                                                                                                                                                                                                                                                                                                                                SHA1:46400878B4F8A78F1078CD0BF91FE53A239F49C8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4C80CE22D1C693CCB82E6F5D479EC84022F244DEFAAB2947A4B34E66E41FB435
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:773BB42D37F5B3AA4E0B73E98DEDFC49B272BBCC7D68FB42345EC9CB01250B257B98866DA5A5E3BE952DFC12FC3C2EF34C41A326C9795FEAE4606F6D1C34244F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..... ...............................................@............@.......................................... ..............."...*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..p....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1038.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):300744
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8229441365316514
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:5GQAkfjlc69HieVvyQfEJfAGaHaf8p2FjQzrDJK8+jewl8w0i85EK/FMJgMET+di:XAp9ZExqPKr4Cy7q
                                                                                                                                                                                                                                                                                                                                                                                MD5:FDA63DA0EB74E54E0BF2B145372EB159
                                                                                                                                                                                                                                                                                                                                                                                SHA1:476858901DBF90CE89946D45F4A58D0D5498131D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F6CDB9A4DD9F04DC9327514CA8F1869553BB0AF2EE0E28AF4C5F3779C8EB58B1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C592022AFFB9A225B467079D6072C454DDF43D527414F48B0EAE723B4929224789EF7144C262AD157BA2D08D8FAA4468C76E6672E525E2F2B6CAE5EEBFF08EE2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....j............................................................@.......................................... ..Xg...........l...*...........................................................................................rdata..............................@..@.rsrc...Xg... ...h..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...9...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1040.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):297672
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.606665652338658
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:qWqr2dkN5rbJEzkk7VbQgxdUSycevoHN11uBIAN22H/GQJ/WF3jn+lZ5a06IMjpG:qqeabx77e
                                                                                                                                                                                                                                                                                                                                                                                MD5:4E0665CB9F24EEDBD745D78659713CDA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A6C77BF14F13E223EC18A9E71DBD3292014F1F67
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BE5217EA2266BFE481BC868447AF33DC3684E721E8ACF9B800F652461654FE01
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8502069930C5D75CA89E24C301E728975CC77AFB50EAF4F9DB7190B097F56A0BC634908C18B88398C45EA4507F44CDADA102FACAF57B1CD4C89ED0FC0AFC711A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....^......................................................[.....@.......................................... ..XZ...........`...*...........................................................................................rdata..............................@..@.rsrc...XZ... ...\..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...,...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1041.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):161992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.592616141863175
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:TGMxi0oGAYGz/CJyeD/53QPPYE7QREk9kyASAmXS6f8okOqq0Q4WFIU1J+LdHgz2:TQ0ydI91Ka8okL1Cr7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:9235C7E1ACFBFCAB3DC6B6FCFC913CBA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:DE8E400EF3E35129544B383D4B7223EF2A3DEC0C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B9C80D8388BA82BA70BBA1EE8FBED1ABF6B3AF1F0C78ED5961F7F2597CF64ED8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:230E064A870DAC52A2FBF2479C99AE0E6F1F6A06F93108D914A0C3F6CD72C643DCEBC9A96197BE01D2F50E3433A1857ACB1AA49601E38EAA9C760E8CD73E3271
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....L...............................................p......[.....@.......................................... ..hI...........N...*...........................................................................................rdata..............................@..@.rsrc...hI... ...J..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1042.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):156872
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.841191801232354
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:iG/XHIrT8jQ3PPpY0yY9OdQ/XXOAkUxHf9tuxBrTTN3z8y437mv:jeT8ePPKY9fXOAkYujh3E78
                                                                                                                                                                                                                                                                                                                                                                                MD5:6E311EB204351CED20CA130502D715D3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3C88B93D17B77E23BEBEACB3B5EAFEE58BBD5899
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2F113765D82EFC97DE16D0AE119DE336766924B09299085B2343E30A53C90D2F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:625BD3F1A368D90BB472462D94777AF408D92713858908F7CE67F4E876A0B4B75C5F50EAC0721AAD611CC1AF1F1D7299CD0031B8F9B427021C083BFE9D7FA75B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....8...............................................`...........@.......................................... ..h4...........:...*...........................................................................................rdata..............................@..@.rsrc...h4... ...6..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1043.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):298696
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6290753361158727
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:4G+v0KKa02GVl71eOTnhSx+0hdPLWa/zwiJ07kVliIlJE5E6pFCASYxKxYMe7NnZ:AvKm9ScE7N
                                                                                                                                                                                                                                                                                                                                                                                MD5:AD02CCFD38CCC93540ECB59F0F25685A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:700A8DD8DA55F15B0097B596D23D474C45DB634E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E22323EA732A559E283A6987986DECD32F5C7E1656F25D3004758D1A794649FC
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B9598B6373128400D636F23BF3E629FF78DC91CEA00DB5C92B147EB80313D3A904D66F2D6D1067713A310A92160570F16C41091EE1AC0BFFD4CDDABA24F4F255
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....b.......................................................E....@.......................................... ...^...........d...*...........................................................................................rdata..............................@..@.rsrc....^... ...`..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..81...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1044.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):270024
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.67598554900099
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LGgMYbueTfZOaRLl/TPWBPgfJ9yBIwSk5/apG24VPeEfBGtqeRBLK/v2PS1gAYeg:triYeKrx77F
                                                                                                                                                                                                                                                                                                                                                                                MD5:2552D31930D3CA59958BEAA44A2ADD56
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EBB665402E280B277F7AE3D5393D92029C439B50
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5EB4DFD1105B61AADC5B66DF130F95E3E9032EB68C39A28203020F861AC87370
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E308BFBAC7126C117173E4B327CBBFAE89D0BF1A7995C4B0264F54DE370534E8BEAE95EA393084F9BAC57D74F6FA201D13934E571E9AD15A9E735F86B3DCDF43
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ..x................*...........................................................................................rdata..............................@..@.rsrc...x.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1045.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):304840
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8791402463294142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:+Gi9PgRHXQCny048tEy2aJfuoedLuQKqo4z7W3:aBg79qy3JIT7W3
                                                                                                                                                                                                                                                                                                                                                                                MD5:16D4A92B55F53FD7A5F9953B3DF55F15
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9F0CA323C47CA1917A99C4914FF90F56674A21D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:39FDA418D546758249EDA96A66265D31DF72D0387FD4C16051F21E819699DA62
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29E20666F4D27D05B643E247AFBD8C6F281C50BDF71F374CFD182863D3DB2995CF2EE2F9145F51E7A4FA6695DF1DD543C6A6FCAFD7D6F9863B54FC3025238038
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....z.......................................................3....@.......................................... ...w...........|...*...........................................................................................rdata..............................@..@.rsrc....w... ...x..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...I...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1046.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):294088
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6581742426517487
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8G8+B0rEcMnC2Ewumjv8ggFBLfk2hxvosC4bXm3hoO/miMBvLnY5yGkUSUIx6/2P:2YcPBvLnYIL/s7nK
                                                                                                                                                                                                                                                                                                                                                                                MD5:2A31AED597036F34519A32E81E424A22
                                                                                                                                                                                                                                                                                                                                                                                SHA1:10BCDF9EA54360760AF00BA07800BE6FFA2647F2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EE139C01547DD390B6016B48E30BEA772C6F1ACABE7DE34D9429657FBFD830BF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8D780305D63B785F11655C341DEDF4DD8E5E388D6FF68FDE0215B149A7B6D968014D2F297A330F0260C528700213552BBDCA47CBCF1589437CD7EC0209F1C8C0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......|[....@.......................................... ...L...........R...*...........................................................................................rdata..............................@..@.rsrc....L... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1048.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315592
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.765969358188466
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:kBL70sRPwy8RsSNskqf0xZWg5/K4ONYm8DjbOfgstZqTG7y:SRPwM+VsQG7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:822AE42D4B4C95C84BEB528DB1D4FD96
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E9F4DAE73E40EBF80F76E3F7E96507385C69950C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A8C5A50E21E5AD58602EA4716A244D9F445F6C297A3F6D3A9429D9C53108D9E5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1D01061C47042850594C2F571CD6BE8CE0E8AD3A2DD0BAF50393CDC9426559282DD213BF25E14A47FCD5B4D9CEB2FE65121A2146587DB6637D76CED8B607DF51
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.................................................................@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...r...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1049.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):282824
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.252810215644981
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:9kGXcb3G+prKUkq5zbZSBTjZGZjWav2HH7km7y:eGXQ3GkrKUkq1ZITdGRWav2HH4m7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:C118A00E4BE13B503630B30E85262D7B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:67494CF59399F785AF70E956FB75950C84F41E4B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4CB8995E10E24E135BC68E806D64ECEE677E8C2196DAE18CDA92E10928A3526E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4E765BAC889E4B086F187D6319E17B8C7D1406CBEED89D67A5965DEF9A806CEB8BB8F510EE9FFA82727A043E558EA75E7188A237D95B38726007C977C25C8ABC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....$...............................................P............@.......................................... ..h ...........&...*...........................................................................................rdata..............................@..@.rsrc...h ... ..."..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1050.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):294088
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.749705519684699
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:nG6wUkEouTt8mmwkuvBi/NfmlDPhzCpadAFM/jg3lALwY4x75:pwUA6lmWC9L75
                                                                                                                                                                                                                                                                                                                                                                                MD5:C2C35AFD2682650D542F932D3E4076C4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7BDC77F978AC6A7FB267C894C05FC73338EB29C8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6E09B523C5BFF6FBD3861ACA0591E4893D99D3A6E6C6CA5DE97F9E3811697C57
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A7B7C49CABA606368A7BAAD01433D3FFFC8607B5B28160261DB82E74ED9449D81264EF1374F6D0ECA867233AEC761EA092DE99146F3C356C56CE56C99B8DE20F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p...........@.......................................... ...L...........R...*...........................................................................................rdata..............................@..@.rsrc....L... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1051.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):279752
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.92700074358136
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:xGf9r1z5E4O4XFtr2LWX0sZp3AB7np521GRUgryv9DE1BfstLswf82trxqt2h7P2:q13I6GDS57w
                                                                                                                                                                                                                                                                                                                                                                                MD5:1F70B50542027F17F49C02B28278376B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:90796B6546DC34C011716D041EE1D5CD8E988CC5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96C23614B25F996C6CC6C5DC01C1B25EA7B88B635EB4ADA0D0075362336E2310
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A81D689366C45F20C710BA309BB3A3B658C90BFA810EA695BFC964C4C8021FA7EDEE11512C73F49AFA674D7A83D6B852B4BD0500D9C8DB6F24068DA2B72F857A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......T.....@.......................................... ..@................*...........................................................................................rdata..............................@..@.rsrc...@.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1052.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):99528
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.182280883517871
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:1vnphI3J0F33dUUFwSdCG8CTzExQmGeapZZ+SQDegeO2NcRxvXWx3Fzkb/5dqbQe:dn6qRuv+PTg0Pg9evRKrmFqYbXw7kp7l
                                                                                                                                                                                                                                                                                                                                                                                MD5:588534691D69C89C40667FA7629BF8D8
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D819FAF2F647E8609FE07087EDAC2972A86A43ED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:60949121F9FF0F32A05FC0F4C13BE21C5E7F34EB3EA13DC67AA81E2C2544321A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7A33DD46569E9924FB4D4A11679612E46E89038727CF2E6E086D116335470D8A11F42CCC3F852D4C8F86FB8AB6FCD210A6182B3D6518322FABB31AEE695F32BF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....X......................................................$.....@.......................................... ..hT...........Z...*...........................................................................................rdata..............................@..@.rsrc...hT... ...V..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...;...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1053.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):275656
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6950013545179026
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:RGdN/ruqQv0GWYIuzj9CUtw4GdXPO2iaNpQ2S/nsuZs9+UTBc/EEEqJ5OS0qZNXJ:75vrHiiYQLZTQU865F7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:011105CC7ACE5414B2246FCFCDE0DB35
                                                                                                                                                                                                                                                                                                                                                                                SHA1:619A353D40474C47DE44A01EC86AED754535A072
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1FB9E920082E09727D249A4A828ED3D502ABF98CDA1B263EABFD7D44B6BDE80B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A4ECC409940B00BDFA1393780EE2037F959D9820DA63A8BC83ABB308C8A7D77BD5750D207444F5689B60067526094C9F4DFFF5FB14EC024CCD937E87820C7F90
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................0.......S....@.......................................... ..(................*...........................................................................................rdata..............................@..@.rsrc...(.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1054.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):263368
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.407292085255587
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:XGsGZVlvS/+Mg9z7d+iBeMSYHC4q9n3weW5x7sOCM4+0R3mBnBxuuNWE4x7C:FFb17C
                                                                                                                                                                                                                                                                                                                                                                                MD5:C0D27203BBAF182E7EC16C03CC18E603
                                                                                                                                                                                                                                                                                                                                                                                SHA1:74A36B7C13A593874D9438ED86B291B37A124264
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A82DA0EE778CA831D5C0EEDBC63E2F4D3A2B8368B4D06BD9C7103B29A4423FA7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D023473302C3C405886120ADE7182F4590E5FCDE717E721F49986F786FAFEBE8F7701AB712361A5B43BA5A2AFEEA8092B5EDA940929CAA23DDAA88F2D579DF96
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1055.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):295624
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8677159534973438
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:LLyXxJRrlN6ryL4cfG4cPDYU21gPHapU7q9:LIu2Oh7O
                                                                                                                                                                                                                                                                                                                                                                                MD5:E21083F3DB6D2D26790725067C501DE3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:95D681689D14B95741D000671C3406FF2F79EF16
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3AABAEA883CD18D024B3A46E8969434388D7ABAAC051CBFA7BF40C3C784EC973
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4C93942B6BE9B1ED57733D0C35A3FCBF4F6CC9D5412CB7A8F445BF73B829A8ED9BEB7B0EABB289BAD27D4827C3F9C9B7ED2712D7C8ED6C06884A995E880FE288
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....V.......................................................S....@.......................................... ..@R...........X...*...........................................................................................rdata..............................@..@.rsrc...@R... ...T..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...$...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1056.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):281800
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.179781921357504
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:ykGkKZhqDAmMj5RKgkLth+GroS0m7kq47z:DGR4Mlj5Rw8m4L7z
                                                                                                                                                                                                                                                                                                                                                                                MD5:057DEC0C5D7D99558EF6D1BB2FFD0A0F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:ECBB53CA7DBA361169FB496EE150D23784A9DEA9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:06E93508F1106DF3C09A8C9D721B159F46C83B0D7C7F7B96138C767183CE6713
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A1FC1B3F99220B18835F64234AB24F349AF699A5B3AD8652400B1EC20C57292F8EAF988D25240439EF4FC190A3AE0E126E3D536CAA7E53D725C320267D2A98DB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..... ...............................................@......=;....@.......................................... ..x............"...*...........................................................................................rdata..............................@..@.rsrc...x.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1057.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):284360
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6380420427259863
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:+GsuYsbkLRyB37XqlkJq5WicwPALrbC/hDiyxbDsalR97gAnKAB47i7o:VB3Tqe1r+/h+q5bqi7o
                                                                                                                                                                                                                                                                                                                                                                                MD5:4DC234DD0DD7530014046C31908D58D5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EA7BCF3DFFFACCE8B30819B68A8EFB1DD7E97B2C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8D1EBC4308C980A30333777DDB15AC5C097BA5D0524DEA720EDBA0985446A146
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CEBD76A741154CD027887CD5BF54BF8BC3BBAEA4E0CA1708C623C5C627C764C3727005CCD23A72852F30E33CD125F52A6A6314CFDFAC7B947F1E33D89595978B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....*...............................................P............@.......................................... ..h'...........,...*...........................................................................................rdata..............................@..@.rsrc...h'... ...(..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1058.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):286920
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.276685823411697
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:7kGawwhopP2Zxej/14KD6+IhMEDdQP2YBMlwOd7kd74:wGpwm2ZxphhTDdR0UwO4d74
                                                                                                                                                                                                                                                                                                                                                                                MD5:9B2ED8BC27B59AAFFAA57DDBD71229BF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:22D63A2BA10D7EEC34804DC9B0BAEBBE9C2E5AED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:31191896CB12F4C9807F62AC0C824EA95E4F3F9AA9C98DB715B55BD6C35F4768
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7A603E639F04B772DC1E45425013611058FF27E2BB14A5FB69A031C9A48865B64CCBB6B34AA899CBD40C86CC0A34FF2E6FCB14193B52CD6F02D5AE277C82ACCD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....4...............................................`......9k....@.......................................... ..X0...........6...*...........................................................................................rdata..............................@..@.rsrc...X0... ...2..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1059.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.279429859585035
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:akG4cqKwOzGdrZb9Yz7cV3mjN+EGtmoQY77kN74j:7G43KEV9YXSOatp74N74j
                                                                                                                                                                                                                                                                                                                                                                                MD5:59FCE9340202E0DE066EDFE7DD5B0698
                                                                                                                                                                                                                                                                                                                                                                                SHA1:56EA37AA2E154D4FC1FDF643D74718F6EBF33740
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AF2A8FFCC06FF11C9147EB70CDCC2D60FA72769099596088D1D1DEDFFE1269A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:00A553DAD210874DEB43DEB7D774D9C4630D8640901A016B2A850D84836EC479FA2AE74066B544BF7BE5D5BBF01E38799CA7C59076CDCD7AFDF3BA01F9D2445E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@............@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1060.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):298184
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.733417848104649
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:/Gd86yNfB+pb7tT0yRVLX90eNfVyYoD1sFN1pmg4r+JkEKvperPV/4JmZIdiZbCC:XuJo7Kz
                                                                                                                                                                                                                                                                                                                                                                                MD5:C845F51D0A9626E8B92315D9DD057D3C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:08ADFFC035A6E3C3D289F446365AB114125548D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FBB2C7A159F3489CF2F28D112348B83D906475F15087F8DBF72D67DA3D0A87E4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:FD3327A9420AFCBF8CEE46EAC8702610336C33E65BDF04363563A1734E0C7F8186E3769EE7E8ABE1930224A8FD4C27E19F6A834D697F0A5177F774C15BD9DDA4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....`............................................................@.......................................... ...]...........b...*...........................................................................................rdata..............................@..@.rsrc....]... ...^..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..P0...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1061.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):270536
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.679348845841885
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:x56PYBjrXQL4Kfmdlh7+3KJcmO4ALJ+8KQ9ah7f:MmTh7f
                                                                                                                                                                                                                                                                                                                                                                                MD5:DD4E8027B6F9830D5B1369C15000E5EC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7930AAD919153A2E8BED5F8C571F582BAA8460A2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DA47254F852868F0AE31EFE878A9B9DBF451444CD758D3EC0E81CEF545A44B33
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:FBF702E8F5D8A843FA362F773629363A1CA8862A329D0DA99D680EB3BF280DECBE35113DBD18CEE42A4B950A7E4FC37E077E55B74B7D9082882A467B4CCF8531
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................... ............@.......................................... ..X................*...........................................................................................rdata..............................@..@.rsrc...X.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1062.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):279240
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.880165533544387
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:AceKjdwhrF1ddAG92XHeoagB3hDhFr/JR7c:SjY7c
                                                                                                                                                                                                                                                                                                                                                                                MD5:A6B75435060AE801A46F8E2F130F1191
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C8A395680949E4E35CEE156412F9456E44561818
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B1650F1B5EB5AB1A80BB609044250A29453CF95C282EA32E0E8D7DD5B9B346F3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F0361D02B732BE37F27C169E8856E0DAE4E28974E17F97406C033AB0757CCD6BCA47EECD45439FE1905F713A2CD364CA43593F38ED6E1FAE43622B9DB4F3081E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......=.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1063.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):286408
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.839543792827281
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:0G6lFxILT3wHKd4OZkhEXSKybX4AwlCTWgVEhm5f6UsAJ2QE0PGZytVEaLpglnf+:TIKUeys7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:A6C320C6644C530D057C182EFA143714
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7D0B1A2A567885EF05FC2C80F422E96D54F72671
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:45E53B489FE1B7052C585965AD8EBF9584B7FCDA409FE2E37FDE1B934CEC2B28
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0EB113F299015C55EEF03FE3B1E645B8BD51F8143E74B774F27ECCDCE7D41881A4D0A4C24EF812DB86FD6A1C7AA757BCC1925BD71E5392F2EEE92ED5E672DE7C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....2...............................................P............@.......................................... ...............4...*...........................................................................................rdata..............................@..@.rsrc........ ...0..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1065.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1301218437996665
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:76wg6afnELw1MO9sQKjY97MH5kV9IPWB7t:mwg6aMXe7t
                                                                                                                                                                                                                                                                                                                                                                                MD5:78593B8E827E39E366B2714559016AAF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B8DC51866AC0304039A946EC247DD3B4B3FA36B2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8FB2CA3D81550FE30C70043F643F3B71117D5FB6AC75440BDAEA4A4E402F15EB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F135D93F52705014EBF23E6FD5B1E26759295F940EFE95A2E2949C6615BE3650C45E813B5B8A08A65FD9D8057DE9B9CD4A90EC90E8978CC04F2B6B5BC1AB491F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@............@.......................................... ..X................*...........................................................................................rdata..............................@..@.rsrc...X.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1066.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):291016
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.223488066061963
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:EGSHQbxOJJveSX8b1oHhEoMM08OAy8TIvZZVHZPNXd4J7o:dxOuSZ08U8OZr/Xg7o
                                                                                                                                                                                                                                                                                                                                                                                MD5:5433FD8AC15F978DC9B3F7284C19A652
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7B1618C8A524B36504E73547D5C0534D9A6B6806
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F939020BEB16F25FA7DB1D383D2866F18E073DB90A168F9B9ED649B189E5933B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:65AE3A8C2D4441A041CA9D6BE6C5B4BB78F8912B4FAB7FB6EC2DA50196AE0A45D88CA7B6C38F4F662F19D7CE68AD3353C87284A534AD6E4FB9F6F2E086757B16
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....D...............................................p............@.......................................... ...A...........F...*...........................................................................................rdata..............................@..@.rsrc....A... ...B..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1067.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.756526348282078
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:aVRKRwjihIlKVSYMOv2RLT7KooahF6LAIUjmuJ2DispH1aNv73gsmfAsZATeg9e1:EQyXThwi0Yeg9evQ1rmFqYr487L
                                                                                                                                                                                                                                                                                                                                                                                MD5:204AB6394625E02384C984DB75287EF0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4E00F24E3827EDFFFC6C1E7724BE055849887092
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BBC9930B6D6DB1087F0E2841C86C4200CCAA3FBE746846A03AA72A8815020BDD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29D4F4E6F6C3BE065330C6AC9576DC1FD0E2DDC221EC46466E191559CBE5FAB62B5EA2263469E8E5E74533812A8D11A6F5FA412075EF957B4762DA1388964291
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....R...............................................p......".....@.......................................... ...O...........T...*...........................................................................................rdata..............................@..@.rsrc....O... ...P..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...6...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1068.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97480
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.31307750666615
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:P8OWtBFOFKSvrNse08AsdUMJ8vlKnMTg0Pg9evRKrmFqYWXp7ksN78:UJBYxselfGvlKn4xPg9evRKrmFqY64eI
                                                                                                                                                                                                                                                                                                                                                                                MD5:1E06AA2D57B1DF5A43EBBDB590F25013
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EB10AE281BC9C17A5A6EE794FAB21BD1E358F663
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1630966EA5FD3ECC0E4668ACCF73430C2229DF84D07A5DE92F5CA17F217A464A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DECF3342AB4676FF0F8C49DD84747B1F21565EF29F1A94356438A705CEB108BCF33DB0B60C77C12150CE94961B8316CA5A2EAF823DB5A8AFBEBE973150400097
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......-.....@.......................................... ...M...........R...*...........................................................................................rdata..............................@..@.rsrc....M... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..P4...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1071.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):106696
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.697423003115933
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:OIfvxxMq132FYhTaWH1zgdevRKrmFqYh4o7m:w3WHc1g7m
                                                                                                                                                                                                                                                                                                                                                                                MD5:1701E299B661EC3859BE80EA47DD13EA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E356182BDC9428461EC955226BD3F6C25FE5C8E5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9638C29B1AC1E4C199A7792B6A764DD0BF1BC38F0143ACB17A001632061CB165
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C8B97004ABCB28EC8FB6D6FB19A7580AC33CAD88F41F938143F957C31F5214412A54DA9CBE6180DBE3BE754B9A9B59935EA740C04D087AC7115A38A85225A1CA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....t......................................................j.....@.......................................... ...p...........v...*...........................................................................................rdata..............................@..@.rsrc....p... ...r..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...W...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1079.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):99016
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.823853954295383
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:VMim7E6UZ2gL/VgFvSDKBMTg0Pg9evRKrmFqYWXz7k47a:4UZ2gLdIvSW4xPg9evRKrmFqYI447a
                                                                                                                                                                                                                                                                                                                                                                                MD5:833955553AF99CDB7272A3A7E7A68839
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A9815DAD32FCD15D6DE615F150B90774253A5B4F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D70D718F9E98564B1197589B21A450F7534E486E94F913FDB46EF81F11F32C4D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C128CF69E84E79B25003B85199024A2B405747766BE259F67C6DDF97FE5084014FD63F69EA88E1093FE18B6074A1DEC026F57BEC135CC86EC81FD914DB66DEAA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....V.......................................................%....@.......................................... ..(S...........X...*...........................................................................................rdata..............................@..@.rsrc...(S... ...T..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...9...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1081.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):283336
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.291637032376391
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:BGxYNQ0qtd0dvEGLYxmdFZhBhThkbX+IZPKc/Rdr1trcMKeBzAWTJ3z+bhAqanV7:Z0vkswqtk6taMtI9k79
                                                                                                                                                                                                                                                                                                                                                                                MD5:5AD440DCF86A6652C557071F1F74E30A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:1ACCBE09A474A4684A69FA6CBF90C008CF8B7A74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7334E105FA9B194C708F833EBEF0283FE5846B8883B3BAFF0FCA6B2881EBB5AF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:77F7914448D129CBFA1253E41388B4DBED92843965E928FCA09C71481197DC4714AB167C796336B5BF7C84AB29C4C3AE8EC0D46EDE87A43DFFE7F5E88CE9E511
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....&...............................................P......j.....@.......................................... ...#...........(...*...........................................................................................rdata..............................@..@.rsrc....#... ...$..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1086.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):295112
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.590360341142837
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:oGFPT5+FhMLQfug+iPPyq2UnAFbHr4C7h:Jwk7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:C9626918325B2C3DB0C1B2FC56E0B00A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A659EAC1AAC7B35C4946BEA0EA3E72043CBCFA08
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2C84BAAAF781B79F329BF0AAB83E73DC65B7BE525EA521D9E25DF30DFD096B88
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C25C1AE1CA19A757C0366622077CADBA625C398A49B1B2C9966EE076B6BBF96F19BEE370D904DE8B764D3F70AC003E310267049A0ACFF18E87BBA0CF1FC6DF19
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....T......................................................=]....@.......................................... ...P...........V...*...........................................................................................rdata..............................@..@.rsrc....P... ...R..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0#...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1087.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):95944
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.743089479214002
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:U8xbxAJ6vrN4mB/jx+dnwSp69vhdFUxtg0Pg9evRKrmFqYJ7kP37A:rcqJIwlvhv4xPg9evRKrmFqYJ4/7A
                                                                                                                                                                                                                                                                                                                                                                                MD5:3A89F6B29E51393D9777CC3306872C07
                                                                                                                                                                                                                                                                                                                                                                                SHA1:ED814B88B064C472D8275751A639D87631C27E67
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AFEB320FA98E092004D4794EB2252907C20B05F2D9258045D567A6142DF8CCA8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B8823E4501E7B7CFF2A5ACF289664D04AB1D52E7A70F251C2F6B2035F2D4BCFBF50B282BC85E5A62C4B56FAD9E7DFDAECD2A2FA73A7C9BC9ED4669C90281CBDD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....J...............................................p....../.....@.......................................... ...F...........L...*...........................................................................................rdata..............................@..@.rsrc....F... ...H..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..P-...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1090.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):107720
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.234824492688907
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:wUxZ5eiAoalbBP+98CddkERRc5ijjsfaWIG0LwB0spaS26NDdNdmVesHAn4qoqIU:QVv79
                                                                                                                                                                                                                                                                                                                                                                                MD5:168A72FBC8600C705496C5FFB41FF7B5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:66FE81CDB4782D71502BAC2983132C80327393AD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:70AA186986BFF2ECC3D1B260DDA5A9705BD01FBF055B02D23D5F09D02B7FFBA6
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0798E5E2729674A2DFFEA72497D1B955A53C514A1948EC606D348DA2EB8E2EF7817011051E32DB91A472F8DAA5E6CB54F7E8A671CB271F48A383B0A2AA7ADB75
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....x......................................................WP....@.......................................... ...u...........z...*...........................................................................................rdata..............................@..@.rsrc....u... ...v..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...[...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1092.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):95432
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.854905298855171
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:v2E8pozpgNaKTnEcNS7vO0MTg0Pg9evRKrmFqY+C7kL7W:5826aKTEcNS7vv4xPg9evRKrmFqY14LK
                                                                                                                                                                                                                                                                                                                                                                                MD5:D6AE3D226DEBCF5744910AFD6737A66E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:DA296778DCC30F69D768020E947B7DA153FD59D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:800DB8A4A25184380664D060195DD9CCA20CF5F106ECA6F3901F48C9BE4A5E13
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9AFC76758408BD45BC30CB3727776D43862FB95F8B46C1D79E3448FE7A37010C1DDE77DB0B8ADAE7A64CFC13E2670B25F6258B61AF6D1FD30FE65874D2EE3787
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....H...............................................p......J.....@.......................................... ..(E...........J...*...........................................................................................rdata..............................@..@.rsrc...(E... ...F..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...+...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1093.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):287432
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.347992008265004
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:6GX+67kbZODyYhn1i5N2DA46Erzs+P3C+xIasNu4CyZtlZit4D7q:VkbZODzhnFDAUzs0Iaeu4CyZtl0G7q
                                                                                                                                                                                                                                                                                                                                                                                MD5:792D8E86AD4EE7035E9AFEC845E3A1FA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FF6DC8EEB1AC93EA88261DB0FA80FD9B68F939C3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7E4ABEABA9CF6864B8A9F1DA70911FD315932A4B75E7E375209AAD3A2228E264
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:036EA3E36B48B7D0104B4E18B04A118E844E99B28D52F8DA17D597E35148DDE3F168E2211FE0A1671D204556D38E13F25B716C2AD6C0EBC9AA43BEB1BE61C832
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....6...............................................`.......D....@.......................................... ...2...........8...*...........................................................................................rdata..............................@..@.rsrc....2... ...4..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..H....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1102.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):100040
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.7386358081687945
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:oQ+vvrNhPw/3mdwJ3vJbMTg0Pg9evRKrmFqYWXN7kj7I1:uRh4/cGvZ4xPg9evRKrmFqYS4j7I1
                                                                                                                                                                                                                                                                                                                                                                                MD5:799DB3231A95F4F1D5C15C345F720918
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6C6A33011C86D17F3FB7EDD6E838DD207F9BB2DE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3D47190FA42BDE4D0DA89F08BD4E21B3D75E1093FFCB8BA87A40C3BC57DA622C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4001D116FE3F0F7A59CCA93926DF1D91A309E9649E69FEF655E2412C983D1E2845B5E9E4EDB7854FADE747920ECC611208CAF1A2499F5D8227438CF03487C979
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....Z............................................................@.......................................... ...V...........\...*...........................................................................................rdata..............................@..@.rsrc....V... ...X..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..`=...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1104.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.765733387635813
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:46WKkcKSdmT/ya7LLuPaCdx4vOw38M1g0Pg9evRKrmFqYWXN7kl7g:9WnSAHaH8vAexPg9evRKrmFqYK4l7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:4B57FD2855552DFB6E2BA35B4806964F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF726DADC65CD83295C641F7B8101D90187DE028
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C88B71ACE5B8CF244B0FB2AFC1A4C17329F4716F752DA544602194321C0CE847
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:09C3533CD487FB00B5567DFFBD6F4EF0321178F59EC6B10E31EDB360FEA07A73C195CB1DCE73BC76328CED846D7819BFFCA2FB6BA798A9053FECDEAD81D0382B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....R...............................................p.......y....@.......................................... ..PN...........T...*...........................................................................................rdata..............................@..@.rsrc...PN... ...P..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...5...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1109.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):102600
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.700887499561242
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:QNsWvrNxLllQdwx9veMTg0Pg9evRKrmFqYWXG7k07PA:usI960ve4xPg9evRKrmFqY1407o
                                                                                                                                                                                                                                                                                                                                                                                MD5:1842F5FE46DE45C677878BAA12CCD45C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:976AD2B15BB32AE4DA34A08D2FA19820A233719F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1FA911B7601D99D5D466BF00509BC74F1E401DC9B28934E3FE192AFB393C3C74
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B2B3DA715FBB061FCAA52B472A45AB4E9D405A6227E05C2E7F2C28C26C68B1A31F62E5CACF1C428C1B9B8DEA511FA08BAD2472D7C19F6D10F28D5D43C34D970
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....d......................................................~.....@.......................................... ...a...........f...*...........................................................................................rdata..............................@..@.rsrc....a... ...b..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...H...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1110.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97480
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.162478152700381
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:RtVvrN/KQEDdwd9vJ2q0EZqMTg0Pg9evRKrmFqYWX37k3N7s:DL/hE5IvCR4xPg9evRKrmFqYw43N7s
                                                                                                                                                                                                                                                                                                                                                                                MD5:7BD0AA9E08F398349EFC8A66ADAC5869
                                                                                                                                                                                                                                                                                                                                                                                SHA1:243346D6B341D6F564E0733F3335E608DE7A68CA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E012626D39759321D5DD8F7B0997A6870C99629528B2B8C3AEE6CA2BDDCE31A4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:44E10B4F107EBFE2048EB84CDA39B8542FDD3F77FD9FD6BD2F82117F73C16F7F5A224E64189E2FA35FE9D46E3B6018ED7AF6260EF8E247E9342FD4E6D59F58A5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......K>....@.......................................... ...M...........R...*...........................................................................................rdata..............................@..@.rsrc....M... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..84...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-1155.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):114376
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.0655027898870735
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8pg4lMseFlQWOc7tEsGGg7gsaVgdevRKrmFqYlyO40e7h:WVx1FX7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:D2C32E53C740279122EE34DE2C4DE7CF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B6B9D7FB326776D0C4AA83CBD5287ADD6164379E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:52086F126E9ECA470413BCA863464BFB28D1F9BDB9E86269F58210DC5969BF3A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:306CC3D91EFA792C165BDDF1E3C7378D023B2538079268536E253B7768B5DBF228929D13EDA9D409285B2FEC20490A4D38C40BB70F7FA6DBA7F0463B24D3F541
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................[9....@.......................................... ..................*...........................................................................................rdata..............................@..@.rsrc....... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...v...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-2052.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):117448
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.4084588760923475
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:ZGxyn9Exb6Y08VEFxBEsZiDF161Fb3KNTbFhYVYm0MBLs6AJ4s7j:qnCEsZiDF161Fb3KNTbFhYVYm0MBL/SX
                                                                                                                                                                                                                                                                                                                                                                                MD5:52BD1C6DE943B753795A06DB13E7C8CB
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D303A7BC2FED1BF35449C69E6392FFEC2002E4E1
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2B4CF965E5AFDABBEA9C5575DEC4816F1B27B58F5BB4BCA796F81AF689FC0B0C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E6B8D4DABC65DDE53BDEE514EA7BAB9ECD6ED95D92676C9FFE26990EE22E5556CE61BA7794195DD5D6A8EAC711C5A08011E5E0591D5F821C849C9E6FAFE9123B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.. m...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-2070.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):297672
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.644621709868437
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:QGqtz94a2dDACKivroL6+U4/5exMXvsE+DgDCCyie9uS44RdX417T:c52Pc7t77T
                                                                                                                                                                                                                                                                                                                                                                                MD5:A5FC5AB88EA3579FF632B89F303E78B5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9540D7D11DA74325FB3BA047271BAD865552188C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2B8C07D6171B2CA970AA17E1586FF32DE637A411C09B0A2214B8F0462B441F1D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8029AE48C6286B323877B7C947E84351481A287F780F2192AEAE725FCAF9B1C31B186000946E90754933C9F3BEECC12BE4358788BEAEC2AF1FCD39BB8EBF4782
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....^.......................................................k....@.......................................... ...Z...........`...*...........................................................................................rdata..............................@..@.rsrc....Z... ...\..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0-...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-2074.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):292552
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7502607734239897
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:pGEuN5SiRYJ5ynmF05tB8HxPNQImSNi44uN7RB:hBiaQYr7RB
                                                                                                                                                                                                                                                                                                                                                                                MD5:10F3E61D76AAACD07E95C0F14095E41C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0128EF966DD58B059868A4514A06DC12F2984545
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:09B7DB43A439D114F4C27BC538DB1A007FC3F21353C54AB340F29209D8D36B13
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2A1E4E301C3B7F6E7F5AFCE2567E50FFBEC9CF3DC16FE39723536FE670BB663F3747D61FF7FD177EC1D05ACF281815AF9FD245AE97BB40205BA607FDDF6BA014
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....J...............................................p......+)....@.......................................... ...G...........L...*...........................................................................................rdata..............................@..@.rsrc....G... ...H..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-3098.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):100040
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.714461113598932
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:2aTftzNluN4jjDovp+MTg0Pg9evRKrmFqYWXw7kAZ7S:5rlISjDovp+4xPg9evRKrmFqYT4AZ7S
                                                                                                                                                                                                                                                                                                                                                                                MD5:CB6046F09230FE049A5A295CCDBB66AD
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6C9A322E08178B049821FA5E17A9ECB33BE556CA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EEA308D45A952C3511599E82FEE224F8D2026A24B3953DFBF1A6BC2EE44E026C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5A1AA4D500C1ECCE59B2D248AF48A80F886739BE755F895F4DC3C9F484296BDDF08D1D10F4DA095769541EFB86C6698EA624DAC0934E9FD55714601E0177E00C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....Z...........................................................@.......................................... ...V...........\...*...........................................................................................rdata..............................@..@.rsrc....V... ...X..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...<...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-5146.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):103112
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.183976054926988
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:VWTdQdr3+167bBBAOe6wCBjviagdevRKrmFqYUTS7kd7es:cBB6HvAOQCJRgdevRKrmFqYaS4d71
                                                                                                                                                                                                                                                                                                                                                                                MD5:86B30F157D28953E806E25725FA6B861
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D9AD0F6E197756625171C8E4FE25EFF4B91C2BFE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D6960574BF9DC1DF2C53676CB54E94B7F82504B1973C0CCFEDBE43C1DAC967AE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34F468B197EA950C925398011542FEA88456B5EC3FF6E74A96C0563A59B2301A0A448C2898C887A74BE55A97D895178A709FB8D356322B45519B3CCC2930518D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....f......................................................w.....@.......................................... ...b...........h...*...........................................................................................rdata..............................@..@.rsrc....b... ...d..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...I...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Lang\lang-9999.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):101576
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.7387857703328455
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:oHIbKpE+8vrNGbxN8nIvfS+kMTg0Pg9evRKrmFqYWXd7kr7i7:b6SIvbk4xPg9evRKrmFqYK4r7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:7EFFD62972D895CE579A02DF7B442082
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5DA99B397486329977ADC54634B3FFBF6DAC20C7
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:17CCB46D2ABF20391A60D090C336ED13349554D40B407BA6C0813C221991F05E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F589FC3584BA678EFE15BC7E476DF9E6193B5A59E317B3282B531407CDA165EBB949BE9BC7329A30F8EEB3DF15076EB0329A908A7BCB8333B1099F6CFF90A392
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....`............................................................@.......................................... ...\...........b...*...........................................................................................rdata..............................@..@.rsrc....\... ...^..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...C...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Setup\02cb0e58-d7f9-4650-aaa3-c382df995438.ini

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Generic INItialization configuration [Signature]
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):170
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.950846800752146
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YgB4kRzoGJAEuQwGBL/ARRKJArLr4AMVGVWJovmwA4NfeE63sSVS/rJC2zbkVQn:YybOUwGBgRzGwgYmwAqWEdHQ236Qn
                                                                                                                                                                                                                                                                                                                                                                                MD5:2AF9F69DF769F876F6E02DA18E966020
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5D21312D9BD23A498A294844778C49641A63D5E2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:473D48A44A348F6C547AEFD2C60DD4B9DE0092E1FB94A7611BDD374783EF3B2C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A4705E5491CF03867FD46E63293181BF761D04FE0CCCB86E373DD567C68D646634F64EF95D5B910D2266468B93BF7CDF6F9ACBF576C6F42A4FF6C3CAA09D2274
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[Patches_dll]..5=http://ccleaner.tools.avcdn.net/tools/ccleaner/update/20180205.dll..[Signature]..s{...,ZQ]~..7..C5.R..+...s- .zy...nn..~.r@.X(.WJ..8t..n..%k.ASWSig2B

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):480648
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.655759441527599
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:KptzeTYZP443n/q6LQX5uNllmSJIbbEcgSZ5MQUszT:KptzeKP443nCuQKgSJITgybUsf
                                                                                                                                                                                                                                                                                                                                                                                MD5:FE6F58FB55D9A93502528C3C9BB13A3F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:516275DDDBC9E2F056342201B03A0931D93A6239
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C427BCF6B065EDF06662E0540E3E9A21C07095184E7BB9D05926DC3B79FC3348
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7F45F187D6C3156B89E2DAF0C2BFDC60A59140FF94F8255FA672422ABC43AA1252B0FE0FA0A3EF675F9E71C33B26424597C015DB83DEC7F5E20EE8769C61C619
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........I...I...I...&..[...&....&..^.......J.....z.K...r...^...r...$...r...j...@...P...I...S...............H.....B.H...I.*.H.......H...RichI...........................PE..L....5.[...........!.....8...........R.......P............................................@A............................l........... ..8...........H4..@!...0...H..0W..p....................W.......W..@............P...............................text...:6.......8.................. ..`.rdata.......P.......<..............@..@.data...P9.......&..................@....tls................................@....rsrc...8.... ......................@..@.reloc...H...0...J..................@..B........................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Setup\9c909bc2-cad9-48a5-8b4a-a855a60d0635.xml

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:XML 1.0 document, ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):823
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.347446615349736
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:2dKAAierZHv4H6hc8AieasfHtH6hUYqAiezSn6dFfeok:cuietwaKjiebNaFNiezA61k
                                                                                                                                                                                                                                                                                                                                                                                MD5:C2B7C21136FCBBAB61A2B8D64D658E50
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E54848D5C4DFBE0E94A82DC140DD99EE9ECD3EF9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EB83E2C4DD5840C912256D39B3E54AC1CED829FF6C198D74B209352BB72D7C33
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:110403FB235785DC1C3CA32A2D7DF53CFCDFCD5072C9638447F20468024D29E856B47DFAD19F72FEBF0058F451721B609022705C4528136C9AF894D8BD1445C6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<?xml version="1.0" encoding="UTF-8"?>.<aswmicroupdates version="3">.. <update url="http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate10.cab" mversion="10"/>. .</aswmicroupdates>..<aswmicroupdates version="9">.<condition version_c="(+=)6278" os_c="(+=)6.1">. <condition version_c="(-=)9727">. <update url="http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate029.cab" mversion="29"/>. </condition>.</condition>. condition version_c="(+=)9825" os_c="(+=)6.1">. <condition version_c="(-=)11297">. <update url="http://ccleaner.tools.avcdn.net/tools/ccleaner/update/ccupdate049.cab" mversion="49"/>. </condition>.</condition-->.</aswmicroupdates>.ASWSig2A7434CE07A4676D490DE27C2CDDE1DD5D816FDC9ADC8766B04FC7D834E2B3B98A4BC20B7C1FB57D9B4B3018AAF42305797B96DE069ABC5E4CCAEE44EE07978784ASWSig2A

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\Setup\config.def

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):27
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.106377316818027
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:XvVP2vn:tA
                                                                                                                                                                                                                                                                                                                                                                                MD5:05927E894C81EB42C3B4DAE5A5A6C937
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7EC0660AAC7C3396599447A49F30BA18E1F0DB49
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:09C65B39BC891E12956AB7BB30FAE147EF7C8FA37542B6F040613436B566E7F8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C06E2788952A3550597F5B539CF8F5CF7A569E33192951BC8CE97D4570BD4BA35ABCE99586F309F3E1CFFE6F1D83AEE98B79C0C26503EF4CD4D1FBFB40E1BA4E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[common]..DumpReporting=1..

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\gcapi_17324469042992.dll (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):758272
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.544177497925195
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:06hpgkDPRqJpEhD5WCcZle6qZ5eR5+nRognE:XpgkD5qEhUZgFxM
                                                                                                                                                                                                                                                                                                                                                                                MD5:F17F96322F8741FE86699963A1812897
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A8433CAB1DEB9C128C745057A809B42110001F55
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8B6CE3A640E2D6F36B0001BE2A1ABB765AE51E62C314A15911E75138CBB544BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F10586F650A5D602287E6E7AEEAF688B275F0606E20551A70EA616999579ACDF7EA2F10CEBCFAA817DAE4A2FC9076E7FA5B74D9C4B38878FBF590FFE0E7D81C9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...Pt.^.........." ................0M.......................................@............`..........................................f.......h..........x........V........... ......|e.......................c..(.......0............n...............................text............................... ..`.rdata..L...........................@..@.data...D}.......4..................@....pdata...V.......X..................@..@.00cfg..(............r..............@..@.tls.................t..............@..._RDATA...............v..............@..@.rsrc...x............x..............@..@.reloc....... .......~..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\gcapi_1732446922760.dll (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):758272
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.544177497925195
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:06hpgkDPRqJpEhD5WCcZle6qZ5eR5+nRognE:XpgkD5qEhUZgFxM
                                                                                                                                                                                                                                                                                                                                                                                MD5:F17F96322F8741FE86699963A1812897
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A8433CAB1DEB9C128C745057A809B42110001F55
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8B6CE3A640E2D6F36B0001BE2A1ABB765AE51E62C314A15911E75138CBB544BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F10586F650A5D602287E6E7AEEAF688B275F0606E20551A70EA616999579ACDF7EA2F10CEBCFAA817DAE4A2FC9076E7FA5B74D9C4B38878FBF590FFE0E7D81C9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...Pt.^.........." ................0M.......................................@............`..........................................f.......h..........x........V........... ......|e.......................c..(.......0............n...............................text............................... ..`.rdata..L...........................@..@.data...D}.......4..................@....pdata...V.......X..................@..@.00cfg..(............r..............@..@.tls.................t..............@..._RDATA...............v..............@..@.rsrc...x............x..............@..@.reloc....... .......~..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\gcapi_17324469293276.dll (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):758272
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.544177497925195
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:06hpgkDPRqJpEhD5WCcZle6qZ5eR5+nRognE:XpgkD5qEhUZgFxM
                                                                                                                                                                                                                                                                                                                                                                                MD5:F17F96322F8741FE86699963A1812897
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A8433CAB1DEB9C128C745057A809B42110001F55
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8B6CE3A640E2D6F36B0001BE2A1ABB765AE51E62C314A15911E75138CBB544BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F10586F650A5D602287E6E7AEEAF688B275F0606E20551A70EA616999579ACDF7EA2F10CEBCFAA817DAE4A2FC9076E7FA5B74D9C4B38878FBF590FFE0E7D81C9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...Pt.^.........." ................0M.......................................@............`..........................................f.......h..........x........V........... ......|e.......................c..(.......0............n...............................text............................... ..`.rdata..L...........................@..@.data...D}.......4..................@....pdata...V.......X..................@..@.00cfg..(............r..............@..@.tls.................t..............@..._RDATA...............v..............@..@.rsrc...x............x..............@..@.reloc....... .......~..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\gcapi_dll.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):758272
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.544177497925195
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:06hpgkDPRqJpEhD5WCcZle6qZ5eR5+nRognE:XpgkD5qEhUZgFxM
                                                                                                                                                                                                                                                                                                                                                                                MD5:F17F96322F8741FE86699963A1812897
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A8433CAB1DEB9C128C745057A809B42110001F55
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8B6CE3A640E2D6F36B0001BE2A1ABB765AE51E62C314A15911E75138CBB544BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F10586F650A5D602287E6E7AEEAF688B275F0606E20551A70EA616999579ACDF7EA2F10CEBCFAA817DAE4A2FC9076E7FA5B74D9C4B38878FBF590FFE0E7D81C9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...Pt.^.........." ................0M.......................................@............`..........................................f.......h..........x........V........... ......|e.......................c..(.......0............n...............................text............................... ..`.rdata..L...........................@..@.data...D}.......4..................@....pdata...V.......X..................@..@.00cfg..(............r..............@..@.tls.................t..............@..._RDATA...............v..............@..@.rsrc...x............x..............@..@.reloc....... .......~..............@..B................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\lc.dat (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2928
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.932304874408447
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:+CuitFrFijpv9L68lQiEV8kipmMKFJaNDkNwrwewu9:+CuuFrE5dlQiE+zmMkB2WQ
                                                                                                                                                                                                                                                                                                                                                                                MD5:379D6DAFAF8EDBEBF5D68C4F563AC69D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FE7CB5E3FF04F8BBFCE7FADE587FD7682CDD04D2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AAA86A173E1D43BB5B038DA1DEDC4161F3FBAD2D972322C28CFA641FB585DB64
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1B69B24C363092FD3F35152E7753A1765D030A06EADC77E050E19F32EC60E95AEDB8227FA5794BC5121074A4AFE083E2DFAFE39608238EE441165F863290D4AE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.R....7.T.=q...|.....]Z.W?.'u...e{..c.b..kSsT.E..'......G.k..h...`$.y._C....\,...B.}..H8ck...Y.1...4%.0f-.2.LI.Cx`.y.W.....H.%rPp).5.'......=[H..r..B;....q.j......p.$.+...3`....W.......C$....n.R....~7..0.M.@....kc..".4%...........~..tI...9..4......n.U. ..I>.9[....j...2)s....4<~.l0?s.7. ...L.q.$A.s..Z.. .s.u...s89.V?...Q.h+*..0..J..y..<.$#..!..D#.s.......U...hZ............]B.......'..c_E...2/.>?v..d....s.2[.Y.....[.:.k...7........u..C?..DqK..3.k..SM..&.n}f.......f.q....a..C........C.4.1..o...m45..k........u>.J.8...fK....V.....6..z.d.]..IV..N.$!.a.,Ulp....J.~....{.|.%T...F.). A/vw......u...E...}@%!M.v...mLT'...4`.o.JPp.J.....`|.......&...2.......H.>...taq..^#.`..g{.....A}y7w"........!.k5$r.....%z...Q...'...L..J....n.l..MJNt...r......=.*...e3.....D).:.n...k.b0#.+...(..(.R.Rz...b.]..s....D?.....#.:a..-x.y..:W3Y>~./H.....w!.p.*Yv.r....m..%Z...r.%/.]Q.....{.YlXYN5.2..U...qR(r.".;e.X......U|.~......g..#.s...iCF....E..u..+..R6...*o

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwaapi.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1067824
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.251391662205412
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24576:lAg2736UJeKSaEKqHbq4wTX89D+4TcmuOtU1O7:lA1pJnSx1bq4wTX8Z+4TcmFtU
                                                                                                                                                                                                                                                                                                                                                                                MD5:13DB0EBB07F9E50570F409C599D70FEF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0A545B2A7EB4F9B5A04EAB166B6E6C1AF774DF06
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2F5D18FFFFD04029917F39462D1968208AD176B34EB8A5BC0E61CCFF3D1709A5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3B349D81D76CEDB0E429970B80845DB4D434B02699A2E488E612BAB9439BAC4705F52F4407C0A795C91EBD19A729BEDF21DF2D1F2C9F21E4A36CA44450197E8C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........................................................................................y................Rich............................PE..d.....g.........." .....r...........}..............................................N-....`A.........................................................p..8...........H ...*......L...p...p...................x...(.......................h............................text....p.......r.................. ..`.rdata...............v..............@..@.data....w...@...V... ..............@....pdata...............v..............@..@.tls.........P......................@....gehcont.....`......................@..@.rsrc...8....p......................@..@.reloc..L...........................@..B................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwaheap.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):103216
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.184717021858205
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:5sEMdY59enGtW/zc7fKJP5MYEh1nqZ24X7:Q4iGtAz0fU7P7
                                                                                                                                                                                                                                                                                                                                                                                MD5:48CDDF73630C860C4F2173DF36AF3F3F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D16DE9B9075C9F5BAD158530189A63AAC855B3F4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E54FE2E2D77422EFE0F5B602725A79EF6F31222B9915FAAA440F4FB03A4838E5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7D8B2E3FB832E56CDB2739919D9297F95DD6B85A94D76319B6B7E2FA4E0AD50F316C1EB9A6B67CF409E3A242C7BA52D6D4E624E63610263A8D28826EF02B4BB8
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Z...Z...Z...N...^...N...Q...N.........]......N......J...N...Y...Z..........[......[.....{.[...Z...[......[...RichZ...........PE..d...M..g.........." ................@....................................................`A.........................................Q..L....R..(.......<...........Hh...*...........C..p............................C..................8............................text............................... ..`.rdata..............................@..@.data........`.......@..............@....pdata...............J..............@..@.gehcont.............X..............@..@.rsrc...<............Z..............@..@.reloc...............`..............@..B................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwalocal.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1938736
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.412498418916844
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:YAGJlMHxUZD+1/59GEGjKYHiJ0/0iqRocc+:PC+D9BYHFK3
                                                                                                                                                                                                                                                                                                                                                                                MD5:694002E27D9CFD4686E2CD77956E331A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C47B9C6B81096C021B89B6A10A49F2423A5BD569
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4839ABFA32AAEAD224F8FA62C3D2725A63C82270819D26E3EAA63CA0133FE014
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A640575FE90A1B9935FA6697C91357EBA1CD8D85E4DA30FE998534E265D3E63E78E0EE33166260EA018E6FA9E2B46302ABF72DFB7FCBE3A1A47C342070E18915
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$...........N...N...N...Z...X...Z...C...Z........o:.O......D......%......i...Z...F.......@.......I...N...........W.......O.......O...N.j.O.......O...RichN...........PE..d......g.........." ................0B..............................................P.....`A........................................P...................P.......d...Hj...*.......'...L..p....................M..(....L..................@............................text...r........................... ..`.rdata...7.......8..................@..@.data............t..................@....pdata..d............V..............@..@.gehcont.............8..............@..@.tls.................:..............@....rsrc...P............<..............@..@.reloc...'.......(...B..............@..B................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwaresource.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5553456
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.985223923298243
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:98304:AZ/VSf0JyAXlnqg5YFKhC0szInLQYVt5vWgAQc6xEuGs+:AZC0gwlnTYFKhC0suLQYVq1Q4uGR
                                                                                                                                                                                                                                                                                                                                                                                MD5:0C20AAF5A6CCBA23DEA1FCD7BFD7D754
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7AA26DDE02D1946DBF7C2C820D357D692B05BC7C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:89B65194B1A0AD1BDF22E4B593992F887F4504804A1D60378A9DC4016355B210
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0C1913D3A6777A11CEB9AFF615ACD619DF5DC6A29EA93FD905CCC7AFF260D077CB42AEB57D6EB353D4B0C436E68A3065D541B8D8B00451B3BBBF876CA220E798
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................J...............J.......Rich............PE..L......g...........!..........T...............................................T......qU...@.......................................... .. .T.........H.T..*..............p............................................................................rdata..............................@..@.rsrc... .T.. ....T.................@..@.......g........*...p...p..........g...........................g........T..................g....................RSDS.y.5..@..)0..|n....libwaresource.pdb.......................GCTL....p....rdata..p........rdata$zzzdbg.... .......rsrc$01.....&....T..rsrc$02........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwautils.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3686704
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.266069532160948
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:W5MVHkXXl0C5Hw3mPgXDU5w5jlryYdq4wTBCBkS8Ft7wBO+iKS1cKzwJ/:WGNcQq6xBkCO+iKS
                                                                                                                                                                                                                                                                                                                                                                                MD5:8E90A84282E11ED3100A9D5E39D4A2FD
                                                                                                                                                                                                                                                                                                                                                                                SHA1:1B98EDFE001CA6E28AA675C0F887C22BE6B8D709
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DDAFBDB58B36E838E6DD053D7CD3C3D89EFE0DF20644F75E03D1AFD6EE5B26A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:56482EA488E600183B1A659E928F55387850E671051EE1B4C93267BF8DB82BD2129D233D6A5D59C0CDDF41836D3337049071E78F1222095671DE46EC9C936261
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$.........m....................x...$.......!......!..................!.......!...............~..}.......!.......!......!......!............!.....Rich....................PE..d......g.........." .....$#..........|........................................<......W8...`A........................................p.3.|....5.......<.(.....:..n..H.8..*....<.,+....+.p...................p.+.(.....&..............@#.......3.@....................text....##......$#................. ..`.rdata..@v...@#..x...(#.............@..@.data.........5.......5.............@....pdata...n....:..p...`6.............@..@.didat..0....P<.......7.............@....tls....a....`<.......7.............@....gehcont$....p<.......7.............@..@.rsrc...(.....<.......7.............@..@.reloc..,+....<..,....7.............@..B................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\libwavmodapi.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5190960
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.268961435873376
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:98304:gYzlmyFceO5NQpafVmSnVtKw8N6Xt00+I3u+M:gYzlmymeO5mpafVmSnVtKw8sK0ZM
                                                                                                                                                                                                                                                                                                                                                                                MD5:FB23962837D6331ECA819C6CFC70E18D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A82CB0FE1E95F330251307DB2A1C7B29F37F0A2C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3351E2230960B1FB6046C974D3D9796D64815C08A6C0835C8BB7F35B6F59F577
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:70D905268AF9B5AC9E9B8E454DCC956CE0E174C39A8E6F3A92F2F4223ADCFDAD1521B2278E202F7E6C628EDA1DFC954450AF290963AC4196B367220C8F0EA048
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$.........%r.pK!.pK!.pK!..O .pK!..H .pK!..N +pK!p.!.pK!C.H .pK!C.O .pK!..M .pK!C.N .pK!Y.J .pK!&.O .pK!'.O .pK!-.O .pK!..J .pK!.pJ!.qK!Y.N ypK!Y.K .pK!Y..!.pK!.p.!.pK!Y.I .pK!Rich.pK!........PE..d......g.........." ......8..R......`.,.......................................O.......O...`A........................................`.K.....(.K.@.....O.T....0M.|0..H.O..*....O.(,..`.@.T...................X.@.(.....@...............8.0............................text.....8.......8................. ..`.rdata...f....8..h....8.............@..@.data........@L...... L.............@....pdata..|0...0M..2....L.............@..@.tls....a....pO.......N.............@....gehcont$.....O.......N.............@..@.rsrc...T.....O.......N.............@..@.reloc..(,....O.......N.............@..B........................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\uninst.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4609336
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.996610068549641
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:98304:FAlhAzmfLmoFO0L5lSX6SXBn1Lnhw6Nov6P3gcvDL:FBkJc0VlFSXB1LPomfL
                                                                                                                                                                                                                                                                                                                                                                                MD5:47D5582A69366ADB257F2E370266526A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2D6150D585D1371F4F394D9F2CA541C4EF18B416
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C1BA5608299F90AB050DAE135FC0EA79F6CDB976998A9F8C62ED9FBCA3ADBFB2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2D5AFFCE5DC869E36EAD3E0EF2CA6981C620EC6403826A0FA1C37EFFF51277E62B03EE33DC20386F791725195F731379E98ABA76F0EAA7824EF6F27F3ECB8787
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf.sV..Pf..V`..Pf.Rich.Pf.........................PE..L.....Oa.................h.......@..@6............@...........................A......%G...@...........................................A..............'F. ............................................................................................text...vf.......h.................. ..`.rdata...............l..............@..@.data...xc..........................@....ndata....:..............................rsrc.........A.....................@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\wa_3rd_party_host_32.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2296624
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.637862723238839
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:0BpuZldQQkAezlT+p+alTW5zl+tT1UFq+s056tA25NHiRWuGJybZDq75Yi:0vuVQQk3A346tL5NHivvU
                                                                                                                                                                                                                                                                                                                                                                                MD5:309BD294516051E34072A29FF7D96137
                                                                                                                                                                                                                                                                                                                                                                                SHA1:038A611425A8C432EF75CA726592EBA8A4770E43
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8BB858F98296B2C402CD7766EBEFBA183BEECA027A915DE710BBD4AE4692A8DE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B276677E7D337DCA3E24F57505F1968E564956649FE926350EC82D990801B50EB62AB12AC6B0DED4A8DC7A6E18F85B83D6160DB84ED339F95EFD4E3438FD53F2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........p>...m...m...m..lv..m..l...mVn.m...me..l...me..l...me..lA..m..l...m..l...m..l...m...m...m...l...m...l...m...l...m...m...m..m...m...l...mRich...m........PE..L......g.....................V....................@..........................p#.......#...@........................... ....... ......."..?..........H."..*...@"..%......p...................p.......x...@...............<...l. .@....................text............................... ..`.rdata..zp.......r..................@..@.data........ !..z.... .............@....didat........!......v!.............@....tls..........!......x!.............@....rsrc....?...."..@...z!.............@..@.reloc...%...@"..&....!.............@..B........................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Program Files\CCleaner\wa_3rd_party_host_64.exe

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2892080
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.399497194323493
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:49152:1yWKeLO9VgpshjgKyycgwk5dB8sd5ICq:1yWdpFvk5Rw
                                                                                                                                                                                                                                                                                                                                                                                MD5:0E11E9D3C16F6B0F59EC10488A36A415
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A401CA2F14AEC751F9085588C664B3855A01CBF4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E929FB4134BE0089AEE1E84940D9C44D898503C46FBB5417F62DBDE30F2CA922
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9F4A4657D99E1A2C3A692776BC3E27981C5971ED47F1C37824C7CE4A8ABDB1BD4730296BFCEA6A4066DFB14F8E2B839C71856F36608517CD1D0B271BFB600CAB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........<V.noV.noV.noB.mnZ.noB.kn.no.#.oU.no..mn_.no..jn~.no..kn.noB.hnT.noB.jnN.noB.onG.noV.oor.no..jnE.no..fn..no..nnW.no..oW.noV..oW.no..lnW.noRichV.no................PE..d......g.........."..................?.........@..............................,......^,...`..........................................L).X....Q)......0,..?...p*....H.+..*...p,..*..p#%.p....................#%.(...P."..............0.......L).@....................text...<........................... ..`.rdata..r=...0...>..................@..@.data........p)......\).............@....pdata......p*.......*.............@..@.didat.. .....,.......+.............@....tls..........,.......+.............@....gehcont$.... ,.......+.............@..@.rsrc....?...0,..@....+.............@..@.reloc...*...p,..,....+.............@..B................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8467858741428692
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:gJjJGtpTq2yv1AuNZRY3diu8iBVqFpsLpb:hpezNZQd58ivLpb
                                                                                                                                                                                                                                                                                                                                                                                MD5:B48718559BBC43FF6F964A9A2343A789
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3348EB50751450F8BD2D8696890E0DF2BF3AFE2A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F01494E4CCC3330BF8A8CCBAB32A6CC352B4EBB5986595FE0CBF2E92B33DFBFA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:09B3CE8D57EEF6A00BF163A265606453CA7D98DBFC9CC70264B27C092C76800D24BB59D832885196537BF3386478CA7534BBE7ECC5C2ED69EDFA0D9411E51A8C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...M........@..@.-...{5..;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@......................4..........E.[.rXrX.#.........`h.................h.5.......3.....X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Extensible storage engine DataBase, version 0x620, checksum 0xaa2fa9d7, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.6586174660438575
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:BSB2ESB2SSjlK/rv5rO1T1B0CZSJRYkr3g16P92UPkLk+kAwI/0uzn10M1Dn/di6:Baza9v5hYe92UOHDnAPZ4PZf9h/9h
                                                                                                                                                                                                                                                                                                                                                                                MD5:BEFFE386C5C5A441B17403304C6F08C7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:19EC8315E86802B9CCA5ACABAB5FEFCC64C42A8D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A7E717DFD906EEB6CEEA1B6DFB7183B5614599517C8E3A816B087EF1BD69B617
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2878FA30A463C403AF69A0A39E904B9666EF26AD2836700D4FC16262A66F8BBF491F887E037B79DB284941798B22D4ECEF91DEB30A64AD3F9AFAC9DFEC97869C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:./..... ...............X\...;...{......................0.z..........{..9....|..h.|.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... ........-...{5..............................................................................................................................................................................................2...{..................................q...9....|..................+6f.9....|...........................#......h.|.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16384
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0807485796659336
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:ilEYer6YSRtGuAJkhvekl1kOa9IwllrekGltll/SPj:ilEzr3SRtrxlSOQJe3l
                                                                                                                                                                                                                                                                                                                                                                                MD5:75A5CEC5638E48222423EE2C637BA4B6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:AFF5B1FA9FCF86D76DBE3E365CFAB80BD17C4756
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9EA0FC0B7FC379491A8977BB94774145EF72E543F45D00BEE47231AE306185C3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:26629CDA45B03E8257B5B8C4F52924C76759D4553588003DCB8EDD47B74D3BA548D48D433263DE76BD43AD0AEDA7CC8FB27ABCA2E1DBAB01CF48C92E3CEDD6DF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..Lo.....................................;...{..9....|.......{...............{.......{...XL......{..................+6f.9....|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner Homepage.url

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows 95 Internet shortcut text (URL=<http://www.ccleaner.com/ccleaner>), ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):82
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.550468962332913
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:HRAbABGQYm/0S4YiyZhJArynQPKd4ovn:HRYFVm/r4Y9A+Qydlvn
                                                                                                                                                                                                                                                                                                                                                                                MD5:E874843904A42397C1A78C267F1A85E7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:56D970E6F25001089700706F484366C32FD7B644
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D037CA0BE3BB7853C2A7A540AF9E60A99C349210FBDAE5618825766B18C6C06D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8C244BFCFB0596F222AD4F62CA6BDDBA179250411F107B8E89D404496D489301B909CE905A0266D97E4E2FF1F412860A2DFCB9E7562006B5A147AA78F764851C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[InternetShortcut]..URL=http://www.ccleaner.com/ccleaner..IconFile=..IconIndex=0..

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Nov 6 14:39:14 2024, mtime=Sun Nov 24 10:14:48 2024, atime=Wed Nov 6 14:39:14 2024, length=45359408, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):881
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.515689979409905
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:8mub20YXlh9MKQdpF4y7W8sPh6jOjAlRkbdpzCbdpNdtz6UfmV:8mutfdlsPhmyADwddGdT/z6Ufm
                                                                                                                                                                                                                                                                                                                                                                                MD5:E08EF37B479F0C29FF186D37B49CDB00
                                                                                                                                                                                                                                                                                                                                                                                SHA1:DB1302432ACDD6E691D315CB0B28815E1659DD9C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FDA5C49C871DF0F0714415A08E87B6F49D19307FA8261C2BFB2463007DF21143
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3C00463610A75310B7A2F18343473291634771AD659B558CB5FE0AA86549210EB4C07A2CF5A4B1858F64D8B0FA85F49F22CF094B21397C869E1E26932B6ED10E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.... ....=2.b0....?.b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y..........................|b..C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe..7.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.`.......X.......818225...........hT..CrF.f4... ..%.GU....,...W..hT..CrF.f4... ..%.GU....,...W..E.......9...1SPS..mD..pH.H@..=x.....h....H.....K...YM...?................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Piriform\CCleaner\CCleanerProgramDeactivator.db

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 35, database pages 20, cookie 0x12, schema 4, UTF-8, version-valid-for 35
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):81920
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.7040244299515284
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:bl6/tX3PsBCwOtYUQAT/9mHeqBacZYgN4aXHIopaQn4oIsO6rTctgDJztk:bmtX/Y2J6Fm
                                                                                                                                                                                                                                                                                                                                                                                MD5:4F936B46EB8733968A28A7659E4A5743
                                                                                                                                                                                                                                                                                                                                                                                SHA1:37B313DC19751F103F40681104C34BA861B8A899
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:49433DF9E2BCAF2371F404F3B994377AD8976EE6AE1A86B988CA3FA8E34C4E32
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E561B3589E0EF5D6CB5B75CA4A4DC7EAE1C1A477D825B9234F8149B734D54A0891DD208959F44DC2C64A57766D3AF2958BEC844B61C91B7F15DD66F82C5C1EE8
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ...#...................................................................#..j..............9...2.......V...N.....r...&.o..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Piriform\CCleaner\CCleanerProgramDeactivatorCache.db

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 22, cookie 0xd, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):90112
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.4374446357557513
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:r3iicb5pDgVA7HBQ/PAa/jOy8c3iic1UPoGyLs:rXE5NgVAtQ5LOMXOUPo4
                                                                                                                                                                                                                                                                                                                                                                                MD5:4DA11E319520A9E1CDECB5D10F04CDD5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:64915134A1FE77ADB1D68513707F3B72E7DA5337
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:512EBFA913389190941445DE8572E187A06113CD8BDC6E9987E18302F6A0842D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8E76A93252A75657B80773D11C3005ACCA1045AF97A92B0E1DF2274C83CC3C3F14AFFDCCBA52C9A6FBE918DF773A47697409436C9CF86ECBCBF77C86B3692E58
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:SQLite format 3......@ ..........................................................................j...N...z..V.........0.h.....A.....%.....6.z..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Piriform\CCleaner\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\44ED97C8-2D40-4A50-913D-673F6858B9AF

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):120
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.559200808834424
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:+xMaw+/pLsLy3Eu71/A9L6mTX8jusLRAp5CrlnTQ2vj:+HEO3u8XlU5Cr9TQ2vj
                                                                                                                                                                                                                                                                                                                                                                                MD5:EE69147988573D6409A551CC29778A00
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B5788B60F65D669E2E44842829C89CCD44C84DB8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DCC88A44A781F16CAE8CBD4CA0AF6EF864E2A8893333A88504584D0FFC28E231
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8FC0DE32E883956DB0BE51531989CE1166276E1E74EEADAA5F969DFC5F51C549E201CA631C46AB022599F5EDD1A27DD21B34AF4666796079EEB0CA306C57FC08
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..kktmdg20,1..kktmdg, Inc..&Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz ...*.Intel Corporation2.Intel 806f88..@.H.P.?X..`..

                                                                                                                                                                                                                                                                                                                                                                                C:\ProgramData\Piriform\CCleaner\burger_client\8866F8A9-70C9-43A2-BFBE-EE00AA2DC417\78c2e8b9-496a-4af2-a60d-3146ee3f9e1c

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):646
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.346506087913746
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:CUsYAmu6LCD9hWmEnauRny3G0ck++rfuZZCwfvb:CUK/D7Ru1Gck++yp3b
                                                                                                                                                                                                                                                                                                                                                                                MD5:FC1C355D79D6117CD962E336F8862603
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0E84E62408E7946B10321E61B716D97DAC5D4B1B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5F27BA2830046924AB726854964FBB34E2DD6C2605E13FD970D02D0582451D64
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A20CB41EF48D36B74C1E2273910E05DE99E5EB70CAFED0CADC877FECD377C79832C769B7B97AEB2DCF57D54EE3FAC7F56CDACBB3A5C08456F62C5A16E7103AC3
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:burgerdata..................................z..O.........=.6/F..~.;..............f...... ..... B........X.."e.f.v.....(.E.v............ .....h...oH...fK.....(Q$ ....XT)...... )...t...I..f.....DB.0.YD.u9......(Zj6.....X..,........{=.:....E.......S[5...|Z....D.M....a.X.....Y4H.+.h.s{..#....v...G.......P.=..5...1.06....+\p..D.+.iP...w..?.!i.bd.@J+....X1!.Q'..~|.{\..#..:d.G..... a..8@.Z.....K}......K%.0..Ux_'(..K...\..C....=X]....H......k...!..7..y.O...+R.|...\F.nk.....#....?..H..$T.H...).*hM..P..TG.9{).4...D"..._..;.......g.....(0...^.$e'...@...]..v.....Q.......2..}......7U|..VDH..@Kw..*....#.....1..N4

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\Public\Desktop\CCleaner.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Archive, ctime=Wed Nov 6 14:39:14 2024, mtime=Sun Nov 24 10:14:43 2024, atime=Wed Nov 6 14:39:14 2024, length=45359408, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):863
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.537956908414808
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:8muC20YXlh9MKQdpF4y7W8x3h6jOjANbdpzCbdpNdtz6UfmV:8muEfdlBhmyARddGdT/z6Ufm
                                                                                                                                                                                                                                                                                                                                                                                MD5:51B9C99897C81222123289DEDD17A466
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF0F063C35B54885113ED094589FF1CCEC117777
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8AA645AA7C7C0980D5C4C771D0116523DFE282DFC3D83B9EBCA5C85AAD491A7F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1ADBA67DF4FE4B595C0B45499AA3F9E414AEFA7A31961851B754A6C528E7EA820E71B8B98E702BBD8B84BA2373BB31936D1650C5F02ADD4211DDB3012CD77CE0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.... ....=2.b0....9.b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y..............................C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe........\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e...C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.`.......X.......818225...........hT..CrF.f4... ..%.GU....,...W..hT..CrF.f4... ..%.GU....,...W..E.......9...1SPS..mD..pH.H@..=x.....h....H.....K...YM...?................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\wa_3rd_party_host_64.exe.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:CSV text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3941
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.356553387329319
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:iqbYqGSI6ozajtIzQ0cxYsAmSvBjwQYrKxmDRtzHeqKkCq10tpDuqDqG:iqbYqGcRIzQ0JyZtzHeqKkCq10tpDuq7
                                                                                                                                                                                                                                                                                                                                                                                MD5:AA9118DA86993A2DCD77BDD1FD358EF2
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FEFFBA2362857A2E31500B0F423E7B3A2BC359F0
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:721694289211AFA66B607012BF3FEFEFB260CB0074E345B4030786F36F536BD8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:82681D8B4AACAC926CA822EA97AA532632A925458DC75736823F45C478950674AA99A386FD23650787D05DE70C4A13BB53BF652266F966E1B8616F7FE5C3C9CA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..3,"System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Manaa57fc8cc#\27947b366dfb4feddb2be787d72ca90d\System.Management.Automation.ni.dll",0..3,"Microsoft.PowerShell.Commands.Diagnostics, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_64\Microsoft.P1706cafe#\37a5ed6e6a6a48d370ee34b13c3e2b37\Microsoft.PowerShell.Commands.Diagnostics.ni.dll",0..3,"System.Configuration.Install, Version=4.0.0.0, Culture=neutral

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\wa_3rd_party_host_32.exe.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3844
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3562172766440215
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:iqlYqh3oEFxtIIVMcCgAhMFKrJcqFfr0U1tI6eqzNqMRni9q3qU57Uy:iqlYqh37IIVMvJcq5dtI6eqzNqM5Aq3Z
                                                                                                                                                                                                                                                                                                                                                                                MD5:C379DAEC267DA27E9EF4930347E7CC87
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F1593C218AC3D6DF1CF307EB101DF787938EB5B8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C83CED1B15565D31B1445B6335AFD753E85A788311B8C6005D4DCDEC1D7BC2E3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:30387C95A52FC853461270F674660E142F5816884C3085B587B248EBFB086446CB389C4CB400F2294F93DB147256C43E88022459F31D65C6F20A44A08EE0BAEF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System\920e3d1d70447c3c10e69e6df0766568\System.ni.dll",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\8b2c1203fd20aea8260bfbc518004720\System.Core.ni.dll",0..3,"System.Management.Automation, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Manaa57fc8cc#\7ae6ae69c7471e5e034a046629402c6a\System.Management.Automation.ni.dll",0..3,"Microsoft.PowerShell.Commands.Diagnostics, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35","C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.P1706cafe#\5484a7638cf633fd03f0dcd66df5a16d\Microsoft.PowerShell.Commands.Diagnostics.ni.dll",0..3,"System.Configuration.Install, Version=4.0.0.0, Culture=neutral

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000002.dbtmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Xv:1qIF/
                                                                                                                                                                                                                                                                                                                                                                                MD5:206702161F94C5CD39FADD03F4014D98
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BD8BFC144FB5326D21BD1531523D9FB50E1B600A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1005A525006F148C86EFCBFB36C6EAC091B311532448010F70F7DE9A68007167
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0AF09F26941B11991C750D1A2B525C39A8970900E98CBA96FD1B55DBF93FEE79E18B8AAB258F48B4F7BDA40D059629BC7770D84371235CDB1352A4F17F80E145
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000002.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000005.dbtmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Qv:1qIFQv
                                                                                                                                                                                                                                                                                                                                                                                MD5:9F36605EFBA98DAB15728FE8B5538AA0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6A7CFF514AE159A59B70F27DDE52A3A5DD01B1C8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9C283F6E81028B9EB0760D918EE4BC0AA256ED3B926393C1734C760C4BD724FD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1893AA3D1ABCF7F9E83911468FA2EEB2AD1D7E23F4586BD6C4D76F9F96A645C15E63E44DA55700347165E97B6AC412E6D495B81C3DA9FAA61D617C7A71A7404C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000005.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000007.dbtmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Sv:1qIFSv
                                                                                                                                                                                                                                                                                                                                                                                MD5:18E723571B00FB1694A3BAD6C78E4054
                                                                                                                                                                                                                                                                                                                                                                                SHA1:AFCC0EF32D46FE59E0483F9A3C891D3034D12F32
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8AF72F43857550B01EAB1019335772B367A17A9884A7A759FDF4FE6F272B90AA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:43BB0AF7D3984012D2D67CA6B71F0201E5B948E6FE26A899641C4C6F066C59906D468DDF7F1DF5EA5FA33C2BC5EA8219C0F2C82E0A5C365AD7581B898A8859E2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000007.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\000009.dbtmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//cv:1qIFcv
                                                                                                                                                                                                                                                                                                                                                                                MD5:979C29C2917BED63CCF520ECE1D18CDA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:65CD81CDCE0BE04C74222B54D0881D3FDFE4736C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B3524365A633EE6D1FA9953638D2867946C515218C497A5EC2DBEF7DC44A7C53
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E38F694FD6AB9F678AE156528230D7A8BFB7B59A13B227F59F9C38AB5617DB11EBB6BE1276323A905D09C4066A3FE820CF58077AB48BF201F3C467A98516EE7A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000009.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:1sjgWIV//Xv:1qIF/
                                                                                                                                                                                                                                                                                                                                                                                MD5:206702161F94C5CD39FADD03F4014D98
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BD8BFC144FB5326D21BD1531523D9FB50E1B600A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1005A525006F148C86EFCBFB36C6EAC091B311532448010F70F7DE9A68007167
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0AF09F26941B11991C750D1A2B525C39A8970900E98CBA96FD1B55DBF93FEE79E18B8AAB258F48B4F7BDA40D059629BC7770D84371235CDB1352A4F17F80E145
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MANIFEST-000002.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):145
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.522451046764113
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:tRrXRhlF3AGKWZm7vX9VXRHQF3VlR1V8l9VXRHQF3VlR1WDv:H7ogZmrtVJQ3Vl7VY9VJQ3Vl7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:840720281DC75CF857D6862840D2838B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C24D9E0B0F713859B768FF3260CD96AA31B2B8DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ACCD6C472DCA9E5F5E2A6981738673C9AC1D1B7CDFB6210A55477563BB1F9793
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BF176EAC6658FD913D32B4650FC5E84F6A980DAF563CFF04324BE2C92DB0377385D386B4752FDDB86E74DFECA5A6343BCFCE953C53854EAC503F11425DE83920
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:2024/11/24-06:17:17.000788 dd0 Recovering log #8.2024/11/24-06:17:17.000835 dd0 Delete type=0 #8.2024/11/24-06:17:17.000835 dd0 Delete type=3 #7.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):145
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.522451046764113
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:tRrXRhlF3AGKWZm7vX9VXRHQF3VlR1V8l9VXRHQF3VlR1WDv:H7ogZmrtVJQ3Vl7VY9VJQ3Vl7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:840720281DC75CF857D6862840D2838B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C24D9E0B0F713859B768FF3260CD96AA31B2B8DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ACCD6C472DCA9E5F5E2A6981738673C9AC1D1B7CDFB6210A55477563BB1F9793
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BF176EAC6658FD913D32B4650FC5E84F6A980DAF563CFF04324BE2C92DB0377385D386B4752FDDB86E74DFECA5A6343BCFCE953C53854EAC503F11425DE83920
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:2024/11/24-06:17:17.000788 dd0 Recovering log #8.2024/11/24-06:17:17.000835 dd0 Delete type=0 #8.2024/11/24-06:17:17.000835 dd0 Delete type=3 #7.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000002

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MPEG-4 LOAS
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):50
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.988758439731456
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Ukk/vxQRDKIVKceul:oO7Deul
                                                                                                                                                                                                                                                                                                                                                                                MD5:64486E4C658733375B5B98EB7DCA49FF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FCAE1102348CBAB75E16C45901C9EE9974A87BC3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D420B162415FF7ED4B23DA14CEE4FFC3E89B288951AB5EFE8965266367D6B370
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A216F7A9508C011889B6859F377D7E4BA6A3DBA794A04206C759D7A41910B73C87BF62DB0AD71054D33AD3375D7DB005521C9851E3EE8F32F6388A586F78A3BF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:V........leveldb.BytewiseComparator\.j............

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000005

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MPEG-4 LOAS
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):50
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.988758439731456
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Ukk/vxQRDKIVewR:oO7ewR
                                                                                                                                                                                                                                                                                                                                                                                MD5:494E626A5079642EFED0F0C7F38BD4EF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0CBEAD74A33AD551EAE3B25C213D3B080535589B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9CE8BD68FE0B86C0BF2067D549E7B93BC1C24F12BDFD227ABA521E9D7E704436
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:659BC9699799757DEC5B257D78949D378CAF03001890F7AE24D28055CFF7175D85F8EA14393048AAB1C0BA460082F568E5F4BFACDB8921F006F98989293FE78D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:V........leveldb.BytewiseComparator.._............

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000007

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MPEG-4 LOAS
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):50
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.948758439731456
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Ukk/vxQRDKIVPh4ke8sz:oO7Ph4lz
                                                                                                                                                                                                                                                                                                                                                                                MD5:1BE22F40A06C4E7348F4E7EAF40634A9
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8205EC74CD32EF63B1CC274181A74B95EEDF86DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:45A28788CDE0D2A0232D19C391EAE45777FE640790AC0674D6DAA5672C444691
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B8F6F42D375E3AD8015D744FA2814994FA6E588B41CCE0131FCA48194DD40146B08169A8CE0DA350525FF32A59A16EDB503C72E0F07254955C82A0D38074856E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:V........leveldb.BytewiseComparator.D............

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\MANIFEST-000009

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MPEG-4 LOAS
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):50
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.028758439731457
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Ukk/vxQRDKIVV+nel:oO7VBl
                                                                                                                                                                                                                                                                                                                                                                                MD5:EDC65ADA2239C69ACF42326EAB94EA54
                                                                                                                                                                                                                                                                                                                                                                                SHA1:48B732EA60026371D4FD66CD70881E6C1FAE10D2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FD9F2BEDE5086EEAC5E227CC1E2CED1EE31D0C931447E8D2E163F343753A11F0
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8A72520231107DC729038C78FA56B6816BC39FB85AA0D3560FB32A15CFD4923AD03180434354BC56FCB0AD54587B743D5CE02B4788C08A852F64480ABB1D03F2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:V........leveldb.BytewiseComparator.O............

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Internet Explorer\MSIMGSIZ.DAT

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):49120
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0017331682157558962
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Ztt:T
                                                                                                                                                                                                                                                                                                                                                                                MD5:0392ADA071EB68355BED625D8F9695F3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:777253141235B6C6AC92E17E297A1482E82252CC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B1313DD95EAF63F33F86F72F09E2ECD700D11159A8693210C37470FCB84038F7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:EF659EEFCAB16221783ECB258D19801A1FF063478698CF4FCE3C9F98059CA7B1D060B0449E6FD89D3B70439D9735FA1D50088568FF46C9927DE45808250AEC2E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\10[1].json

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6818808028034042
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YVXK+W9:Y9K+W9
                                                                                                                                                                                                                                                                                                                                                                                MD5:8FBB197A46BFBC0877ECDE22EE21B582
                                                                                                                                                                                                                                                                                                                                                                                SHA1:598480CDC624A167BA58F96B0F79FC9C85DC193D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A92C5B1252BD5AFBC6BA9E5783FCFF146188FF715DEE96CFE5F437AE7A125CB3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0AF8A3610A164852A653CBA039AEEB77EA037B2684A66CA52029A87E3E8028896CFC37D48B302519D1C909D0619669448F88F3F44D128DF35167F495894CAB1A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"processed": true}

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\Roboto-Light-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 17 tables, 1st "GPOS", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.001151; 2014Roboto-L
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162420
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.5451429747376
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LX9E5gPCzd+xMOknOhTwLMkaZVn4rEm0n2TCqtUD5Mq6rrdUIDP+Nk/XXLBH:JEa2Mx17TwL67n2Tttu5Mq6vNmyXXLBH
                                                                                                                                                                                                                                                                                                                                                                                MD5:7B5FB88F12BEC8143F00E21BC3222124
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2E3148D213B15328EBEBBA14E828FB3BF79634EE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E7EA653DDEC2D2A74D0DCBFF099C009CC7469EC323A50C89A2915CE44CA4C0B4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:266D424E8BDB4128472618CE6AFB18BA7A5D2924548706864104B1FB74BDB3C9F0FB1BD8D8E1B0C7241FB54E3BBB42D35BB180EFD7378B2BCF3C352A0F694DAE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:............GPOS.......4..Q.GSUBL.(...a....hOS/2.C.........`cmap@&Hr...l....cvt ..).../....Rfpgms.....-4....gasp.......(....glyf...T..9....thdmx!...........head.3.........6hhea...k...T...$hmtx...*........loca..,.../.....maxp...\...x... name<.n....8....post.m.d....... prep..m3..................n._.<...................N.. .....s.................l.....7. .E...............................Y...............r.......q.,.......3.......3.....f..................P.!....!....GOOG.@.........f.... ........:... . .....d.....................L.....U.o.s...m...l.\.w.......!.e.....K...<.J.1.....-...o.x.o...o.i.o.b.o.C.o...o...o.M.o.j.o.e.......<...M.m...%.|...T.N.q.........2...=...........x.......!...g.G.....7...........j.}.....j.y.......X...4.B.......,.=...7.......Z.....'.0.....T.M.t...I.g.I.d.o.....^.r.l.".Z...?.p.l.d.......................e...{.Z.o...v.l.......e.....e.....&...?...0... ...W...D.........z.......[.w...]...m...,.......f.q...e.k.......{.].|.j.f.j.j.....=.T...L...G.@.|.t.....S.......b...~....

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\53IVYM2Y\icon-redundant-files-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):505
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.30476339255782
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:6v/74/6Ts/kBl30IZjvj+IOlAMk3GTJOgbJLrqLaZFtky+sgH:x/6t+INj6a2TJOEJLUaZTUt
                                                                                                                                                                                                                                                                                                                                                                                MD5:439F7F19276E805A650F3B15A4F1C08F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B2A2A52933BF54E42EB08B149DAA5B4214ED8109
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:67546B5B38B0248BD58662F00DCE1D0AF62130DC14513D3142439E69BAE6CB06
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:52E5051D91631305416A29BBCE511C15C5D42B10794CA0A4902110A5A3AD0DBEAFFEADF6E28ED6E366FE92717CD163BE280B558688AE94236C4F4797A65B3A0C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR..............w=.....pHYs.................sRGB.........gAMA......a.....IDATx..UAN.P.}.&n.F....N .....f!..r.$.lYh....<............B[...K.v...7...+.`.xpX.V.u0..n/.Y...1v...4)..uq...@...a.A..]3.7......'..o..zh..I.."...K..C.si.......j....%..bF"*..(@.=../..C.N9T@]..}'.S..|.\...".]x.......{.e.....KGx._......p.D.>S.#.4..*Z2...@.A.0K.s...1.R..&EN..z.(o..........N.#<.6.....W.t.X.....x..=.=)t....#..;H.D.q<^..MYLN.6.rU....uY.3....uD..dG^..@y..xV...o^|.QX..B....IEND.B`.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Roboto-Bold-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.001150; 2014Roboto
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162464
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.524438741684788
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:x6X+/XYXXXXXXP9kPbVQdSZr/OkS98QSADOy9w4zb4VB22knj+1NmLVhygfTZluN:x+yZQMOJZDboVB22k5zTW+w
                                                                                                                                                                                                                                                                                                                                                                                MD5:D329CC8B34667F114A95422AAAD1B063
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0A1793926E2EE724CF2FF3FC7ADC745348659F82
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EF2AB0E402D5CB9DE893E263A2C44E57F57FEC3974B0D981BFE84DEC3DAE83A1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34B78978F62FD447C60654E4BE36877EB95AE9B7F616CA59858D2251C47825EEEBEAFD04D317D1E36D4C0FA9122A94D0140A81B2EE69FB08A3237EAC4279BCFC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.5.5.......DGPOSZ.61...<..Y|GSUB.2....b.....OS/2..........`cmap@&Hr...|....cvt .N$.../....BfpgmS.W...-D....gasp............glyf.u./..9....vhdmxWHS7........head.......,...6hhea.&.....d...$hmtxT...........loca....../.....maxp........... name7.c....(....post.m.d....... prep.6~.../..............F>._.<...................N..0.....s.................l.......0.5...............................N.................................3.......3.....f..................P.!....!....GOOG. .........f.... ........:... . .....d.................-.|...@...@...\..._.@.G.K.?...|...(.....^.9...#...n.S.~......._.......F...@...7...i...d...=..._...V.B.}...9...6.....".x...-.).K.b.......<.V.3.......b...s.^.....U...x.(.....U.............V.).....T.......E...(.D.t.;.....#...........I.9.x.`...9.....,.......4.J.D...o.,.B...B.S.H.......E.z.h...m.....F.o...~...o.{.i...B...o...B...o...8.....z.h...................J...0.......".0.j.B.....c...c...Q...........\...].F.V.......M.i.~.F.V.......~.L.Y...7...0...e.......K

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\Roboto-Regular-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162876
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.532050095534921
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:jgWSNgHPoqWL1MMeFchiZ414XtvlbjybHp/rGazzxla34cS2FXzyuDAbM5hDWH3b:jrsHYt56Nklyuk8WMoBiul
                                                                                                                                                                                                                                                                                                                                                                                MD5:AC3F799D5BBAF5196FAB15AB8DE8431C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CB0CB91A31F43293BD7042DDAB945CE161C29D3D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F0E5A21BF5C95E4C1BCE2BE98A3656EBCC6D42A21F41C4E3EBF69DD815702E54
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A8B7F0F8759FCE064B8576429A59A0B18BFC7A6AA3B140AF43EC665FFAAD2A1CB27A2BD745435113894EC5D607A3EA706F92C19CA5A233D87F464362DD6063CB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.W.Y.......DGPOSJr....0..R$GSUB.....dT....OS/2...........`cmap@.Iv...|....cvt $A..../....Lfpgmg.\...-D....gasp............glyf.....9....6hdmx78..........head.F.....,...6hhea.......d...$hmtx..........loca..g...0(....maxp........... name5ScY...(....post.m.d....... prept...../..............*Y._.<...................N......0.s.................l.....I...J.0.............................T.................................3.......3.....f..................P.!....!....GOOG.@.........f.... ........:... . .....d...........................w.~.n...i...e.e.g.......&.r.....N.....5.%.....L...~.s.~...~.].~.^.~.5.~...~...~.M.~.p.~.d.......)...H.d.........K./.j.8.......5.w.?.......l...s.z.....-...j.5.....N.............v.......m.......P...1.0.........=...9.......V.....H.(.....X.@.....y.9.Z.m.}...0.\..._.=.]...<.}.`.h.......................j.....[.}....._..... ._.....i.....!...+...).......X...@.........q.......`.i...[...i...........Z.X.f.I.[.......f.n...J.Z...x.....F.a...B...>...{.......C

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\V0UV4482.txt

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Generic INItialization configuration [Common]
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1452
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.403538116173046
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:3gGwlrFWI5vAVqeJCggyoqf1VXn7GRFlp0unrP+iCP7At3RbLk:3gGweI7eJCg1jn7Gn0unr+iCP7W3k
                                                                                                                                                                                                                                                                                                                                                                                MD5:B2A05F86E104C98584C013B0AC83DFD1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:33701F3EA2EC5F48A403E04F3CDB02B95BFA872D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:47BB4C665FD7A215A291C0E379C0312C5771CD6ED419B035906351D19B750250
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:43F3E65013B69027827218CBB89BD0AA1EA4BE2F1C0B3D7F1DD47378209519415CEC1ECC159D682B18D5628E0CD0BCB59EEB2BACD20D231741B9090DDB3DF076
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[Encrypt]..CCPOC=DISABLED..DTNP=1200..DUNP=900..[Common]..AlphaIntegration=1..AlphaMigration=1..AU2=1..AUTNV=0..CCAM=DISABLED..CCNU=0..CCT=ENABLED2..DriverScanInterval=7..DriverUpdater=1..DriverUpdaterVersion=1..DumpReporting=1..DUSkipOnboarding=0..GDDEBUG=1..HCAddResults=1..HCDirectCart=0..HCResolveBtn=0..HCSkipAdvanced=0..HealthCheck=1..HealthCheckIpm=1..HealthCheckNF=1..HealthCheckVersion=1..HideRegistry=1..NotificationCentre=1..OPSWATSoftwareUpdater=1..OPSWATSoftwareUpdaterHC=1..PC=0..PCCU=0..PCCUD=5..PE=1..PENP=27..PerformanceOptimizerVersion=1..POSkipOnboarding=0..PrivacyPolicyDate=2024-02-13..ProFeatureCounters=1..PTOOF=0..QuickCleanIpm=1..REU=90..ShowOffers3rdParty=1..SoftwareUpdater=1..SoftwareUpdaterIpm=1..SPERDI=8..SRDI=8..SUExclusions=tp3149,tp848,tp3197,tp2434,tp921,tp236,tp468,tp471,tp2867,tp569,tp570,tp1339,tp2843,tp2594,tp3009,tp1373,tp311,tp571,tp1434,tp2571,tp2845,tp2979,tp2047,tp411,tp1774,tp2346,tp1082,tp3083,tp366,tp2579,tp2581,tp2580,tp2697,tp361,tp605,tp1677,tp11

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\autumn_toaster_button_bg-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 422 x 105, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):43895
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.985626528468622
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:OI/4XvqSR12a50KzKySU4DzXVs2nFdjbXimCW509icyxuNu2a5DsADYPlN:OBfqk8a50bZzXVsOdnXimSQlxuI2ssA2
                                                                                                                                                                                                                                                                                                                                                                                MD5:D9CAF08A90F8152F9FD0C7F5AC71D2D1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4FE4D93E49CA4FB6C0D819AB30C5AC6DA2389ADF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:130508B257D76C764B24EF1D35460B5E5F7E34F902F1E5A5AD865364B4DF97EC
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BF8039278CC36F3C4714DF7AD956E8B46B485F251DABFFD9936B79F9BDD071DAA7A8929E7F3BC2DF889A5BC19B4E4D6D75A2FD8737C1F34A6DE4C1288FBD252A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR.......i.....q.......pHYs...%...%.IR$.....sRGB.........gAMA......a.....IDATx.....^Gv.............p@..8...%s..7;..Rfm.9fV.9`.'9..$....8....X.h.x......g..-..Y.X..{6ge...X.ddbK.-..@.".6..Fw...wS...O.{_...Y....T....V.z..................A......\..{.{vP.'}^..$0.{...w.......:|...uT.Qm?).=.>|.V....k..x..r~R:..........Ip.F.~.........?.&...&.Lt.k.{..8....W...2....n..6.....k...'..T.z...c..<..W_}.G.....s=x....\..{......K[......u.,.xF.T.....R..2*d\..E....zV.............t.RS=..v<-.px.yq.]..%..t..,Ql..............-K.k_..x....p.4#....9.Yu.q..us.(..NQ....#.;.].........x.#.6=x6..#..T..r....v/.6G.........].._.....IaB.l...q.....H..!....|=.........C.w.\yv..L.......i........t.....h..~a........1.....'...yy...<.o|7..4.........)..p.Mt..w...=....f.A}..3*).m8..v......Xr...............|.._a....u..Z...l...q4.%..G..../.ti.qJ.H..s.W......s.*..k...^@.....C|^.el............7h.r...D....`..|.j;.....j.......o7...l.....3..U~.G../^.......#.}CS~...Cz.Pie@

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\icon-free-up-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):690
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.562157234286198
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:6v/74/6Ts/pBxON3/ASe54vDE1p0S8F8x3lPs1k9w2pItZZPHaPKxt0vTCXl3jD1:x/68EPG6E1x8F03lPsDLfwm+6H1eSsvy
                                                                                                                                                                                                                                                                                                                                                                                MD5:BF52A60574166E1E4778E4F80ACCDA55
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2500B88424B44602A914C8E232E61D4CD28BF0C5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F4CB4D6B0A5EA6040C3EFB29ADE7D4666EF75AA9BF372A65D39666F429A2F46E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:35A686A0E44F9709185F347DBC7524579999C0BC651EC237DCAA54DBCE2B1630C8C7CCA67C85CBCB11E0CDA76C6116592AF7B9DE157A770F602D8D070CAD227D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR..............w=.....pHYs.................sRGB.........gAMA......a....GIDATx..T.jSA....-F.{U..b&O....|....'.Y..>A.. YH...R...4y.F.J....Q4M.xf.PM.......r.9|..3...5hra..6s.t.X....1.Z.....J.3U.N...9.q.......C"....@.../..+..z...9..DHJ.u...X..n!...{./../.\YC.p.!R..C..)<...i....I@B#.h!)......r.K.O...f..0.x.<.[X...^...I`..y~...,.xR..;.!.....4..TV......i...E.G.....m=...'...5G...v.{Jt.{"..)....P...p...[$'.S..v..#7jU7B..<!.a>y..Z...6=.B......h...SC..U.UX._.....!R.v..;......%.m.ez...'.......3.....0....tz..m<@*'>W.P...e.5&.........A....M.R..5.......5...........G....%.Y...*!.xSZ....L.fn.P,...U1..3.,J$.E....z....&..#.t..>:...... ....].....IEND.B`.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\9C680Q69\img-banner-garbage-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 82 x 52, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6261
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.9601831896547255
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:8SIJ2IeOUPrtmyshNUVXsF9TTSQ2qPIi280rF2U+KhqD3LTnspwbVAoPM+uGCsDs:8S+21Pr8AVXe32JFYlznspwbVRPNL9m
                                                                                                                                                                                                                                                                                                                                                                                MD5:F51ABE7F1B2541EAFF5D4AD0E34B9663
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B40CA6C5F9446A7D54BCF6678C89C41F7EB9D0C4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:19B65F8CB35745BE9987811714002FC48220704BA5548CCBEF506E21968D6A2A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CD57E82E8444392532AE0BF74580EC4885DFC77097EB7889F1F724CFB29567755CF15F29DCA7F006C42DA58123D0599061BAABECF3ECBCDBE3874251320AB51F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...R...4.......o.....pHYs.................sRGB.........gAMA......a.....IDATx..[yp]Wy.....6=.$K.,/..;.M..:.4..a).0.4.S:e.C.-..S....H2.(m....N.L.L !.c.'6.c.mI.....{..[.r.....=.j.,...v.Y~..[.w..~_V.h.&,........W...^N..GDg(D.......}..E.7Y..qq...#Q..?|D.Y.7a...D........,...M....{.R..%M....1:.._.K.}.o.;&n....7C:.n..<.{.Lw\.K...P.4@...:V..6..... *.t.....{......T.....t..'..%T...{=....r.."......iw,B4]...)[..}..>..B....u.>xa..w,S......*&..?.Q?|....z.K.......S.../m.N.].D....8....K6.64.....Q2M..&.d.....R...Y.X...U!......O .3.ct....).....LZ...P...Q.....A.].,]..S..lc,...l...q.8e.J........M.qyCT.=s2B.on.4...5.p..1.f.PV..R.384^..^)..^Y.V../Q.....Y...^.E.QZ.r....3B.w..h..&......x.....|.-U.!....T.>...d`.....h......~... .U..y..s.X..1...^..uM.@+.a.'..u...lm j.x.<....q?.,&.`A;......>...(..M..p..ey.NG).RW.A7'.j..l[.........y.U.z.Aq.V..1.=.B..y...m.A. VJv..^.[p. ._...T r)Zr.l..-l+Y.m.j.......L......a..>.....4...i]M'..GX..v....5rpv..3...#Gd

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\Roboto-Bold-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.001150; 2014Roboto
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162464
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.524438741684788
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:x6X+/XYXXXXXXP9kPbVQdSZr/OkS98QSADOy9w4zb4VB22knj+1NmLVhygfTZluN:x+yZQMOJZDboVB22k5zTW+w
                                                                                                                                                                                                                                                                                                                                                                                MD5:D329CC8B34667F114A95422AAAD1B063
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0A1793926E2EE724CF2FF3FC7ADC745348659F82
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EF2AB0E402D5CB9DE893E263A2C44E57F57FEC3974B0D981BFE84DEC3DAE83A1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34B78978F62FD447C60654E4BE36877EB95AE9B7F616CA59858D2251C47825EEEBEAFD04D317D1E36D4C0FA9122A94D0140A81B2EE69FB08A3237EAC4279BCFC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.5.5.......DGPOSZ.61...<..Y|GSUB.2....b.....OS/2..........`cmap@&Hr...|....cvt .N$.../....BfpgmS.W...-D....gasp............glyf.u./..9....vhdmxWHS7........head.......,...6hhea.&.....d...$hmtxT...........loca....../.....maxp........... name7.c....(....post.m.d....... prep.6~.../..............F>._.<...................N..0.....s.................l.......0.5...............................N.................................3.......3.....f..................P.!....!....GOOG. .........f.... ........:... . .....d.................-.|...@...@...\..._.@.G.K.?...|...(.....^.9...#...n.S.~......._.......F...@...7...i...d...=..._...V.B.}...9...6.....".x...-.).K.b.......<.V.3.......b...s.^.....U...x.(.....U.............V.).....T.......E...(.D.t.;.....#...........I.9.x.`...9.....,.......4.J.D...o.,.B...B.S.H.......E.z.h...m.....F.o...~...o.{.i...B...o...B...o...8.....z.h...................J...0.......".0.j.B.....c...c...Q...........\...].F.V.......M.i.~.F.V.......~.L.Y...7...0...e.......K

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\icon-take-control-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):780
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.615228760910061
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:6v/74/6Ts/qWdb4GlRqxc2744fff3AM2XpdsdYxp5Z3zeT/56Vg7EqmkMN3CLbNJ:x/6Ud84g+cZjA3sdApDez52fqmo9UG
                                                                                                                                                                                                                                                                                                                                                                                MD5:718711598FC0363D2C6BB8A6D31E501F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6A3107F07117F042A39FADB184243EC16C9435F6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CE7E830C2B4B965753D110898F9E00D42AB4D4B9FA361A39471E84FBD8842E6D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CB59FEBC94A688756BA2E62767BAC47C15ECF45C9D293C541FA9094B3EB63D7D600F226AC6E6667B7F78F5AA627CFC4931836071F4A65C870BBB6867BFDCE3C8
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR..............w=.....pHYs.................sRGB.........gAMA......a.....IDATx..U.N.Q......E.q.2.A}.....(.aM..'.>A!...........7h..tabc.{.f...NI.1.K.s.=s...;....^..}/...w...R=._..u.&...*vL..3..F...r#[-..&....m.z-../.Yf]o#.<.....%Gd..1_.X..A..*.L.q.Y"...uM..]t.1...J..s..^.E.....X.Qc.....`F.zy..>zV..D....0.}..f.V.0.E^.......0...X.L3....`.i!.w..........1.e..H.;.G.....5."G.}:...m%Z...L.Jxx..t.x.....e.' ....W.....=..5TL.L..E.+.G..0b..%....(.,..n.q.....<>..%z.......y.0..iZF%.YI+K.....$..}(.\.)3...n.....J.wg....D.<)..&C...m..$...es..O..8...Q.$.....W.L%..T...O77.g..........UYOW........z*.. ..F..!.y=..Xk...&V. .i...Gt.;q.>.3.w..zj.h...6..n....D....u......$1.Ji...=p."P.58......4y.5...l.uWJ.3d.3..&O.~.n.....=........n.....IEND.B`.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PMW3U6MX\img-toaster-garbage-v1[1].png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 360 x 144, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):22135
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.976531285830329
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:JF1hn5TWxCm5zAy9mLOfDZ7sJiLDQiiOHSaxbYkOcaxVgeRM5JIA5/2LWP:75TqpzAyE6l7VD/j77Sgrl+LS
                                                                                                                                                                                                                                                                                                                                                                                MD5:99DF31F34424ECAE931330AC4548EE76
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D2220D7D0760B77810D891AFFA2782B35F8D12DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C527D7D2E22A811F1B95D959CFC33E437C057BE37D322C96CFD970E8B996B84F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DB763DEA67DF857F406C5D3FB126DC1A3AE6F2A4047E4B04492297BDE7CF7EAB6E86774795F505244D6D27CD790254065B18BBB541B76A4902FA3487A72B73B4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...h.........%S......pHYs.................sRGB.........gAMA......a...V.IDATx....eWu&.N...W9..*J.. ,..$.....3D.1.0c.`O3.v. }..{.=.:`cp.l...F...U..H.T( ..R..../...9..Z{.s..u_.{_.W....;9.......^..................................................................................................au./.>.`..../<...up .........0J.'.Q..+.".o?.....HO.Fq..Z...+....V).b...C..v{y..u..*. ,....y......OVkp......e....V%..j.Z..4.s.'..~XVk.....A.............vXu r.....v.hB.v..N.l.G..e#..NO..o.qi-Y..Q.hic..j.nu..r.......n....N.m...|#.....$@..o.(8x.,...[.1X"|.1u....\p....I......|7.3Y.};..\..@%...{...Z...,[.9.....s3Pkv...d..e....V.(RC)....j.r.t.`l.-......[.yw."...<..<2Q..j,..J..o.@N.pXB8.v...#5Ho.Mk.......V...v..aX ....G.....g..i\...mc..v.p.......A...7./.......3.Seh..ex..^...m.v..OU`f6.u......pvt......kz...5Z.=yx..Wz...a.p...E.........j.y!.L.).A....m...A.hB&.y|...z..cs7.GQ...].....J.~ppX .........~....Ej...Z.*\w.u.Gv(.M.o..f.^...~.W.eoG.2i.35......L.N.OA......

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\10[1].json

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6818808028034042
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YVXK+W9:Y9K+W9
                                                                                                                                                                                                                                                                                                                                                                                MD5:8FBB197A46BFBC0877ECDE22EE21B582
                                                                                                                                                                                                                                                                                                                                                                                SHA1:598480CDC624A167BA58F96B0F79FC9C85DC193D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A92C5B1252BD5AFBC6BA9E5783FCFF146188FF715DEE96CFE5F437AE7A125CB3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0AF8A3610A164852A653CBA039AEEB77EA037B2684A66CA52029A87E3E8028896CFC37D48B302519D1C909D0619669448F88F3F44D128DF35167F495894CAB1A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"processed": true}

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\R7IW179X.txt

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Generic INItialization configuration [Common]
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1452
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.403538116173046
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:3gGwlrFWI5vAVqeJCggyoqf1VXn7GRFlp0unrP+iCP7At3RbLk:3gGweI7eJCg1jn7Gn0unr+iCP7W3k
                                                                                                                                                                                                                                                                                                                                                                                MD5:B2A05F86E104C98584C013B0AC83DFD1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:33701F3EA2EC5F48A403E04F3CDB02B95BFA872D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:47BB4C665FD7A215A291C0E379C0312C5771CD6ED419B035906351D19B750250
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:43F3E65013B69027827218CBB89BD0AA1EA4BE2F1C0B3D7F1DD47378209519415CEC1ECC159D682B18D5628E0CD0BCB59EEB2BACD20D231741B9090DDB3DF076
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[Encrypt]..CCPOC=DISABLED..DTNP=1200..DUNP=900..[Common]..AlphaIntegration=1..AlphaMigration=1..AU2=1..AUTNV=0..CCAM=DISABLED..CCNU=0..CCT=ENABLED2..DriverScanInterval=7..DriverUpdater=1..DriverUpdaterVersion=1..DumpReporting=1..DUSkipOnboarding=0..GDDEBUG=1..HCAddResults=1..HCDirectCart=0..HCResolveBtn=0..HCSkipAdvanced=0..HealthCheck=1..HealthCheckIpm=1..HealthCheckNF=1..HealthCheckVersion=1..HideRegistry=1..NotificationCentre=1..OPSWATSoftwareUpdater=1..OPSWATSoftwareUpdaterHC=1..PC=0..PCCU=0..PCCUD=5..PE=1..PENP=27..PerformanceOptimizerVersion=1..POSkipOnboarding=0..PrivacyPolicyDate=2024-02-13..ProFeatureCounters=1..PTOOF=0..QuickCleanIpm=1..REU=90..ShowOffers3rdParty=1..SoftwareUpdater=1..SoftwareUpdaterIpm=1..SPERDI=8..SRDI=8..SUExclusions=tp3149,tp848,tp3197,tp2434,tp921,tp236,tp468,tp471,tp2867,tp569,tp570,tp1339,tp2843,tp2594,tp3009,tp1373,tp311,tp571,tp1434,tp2571,tp2845,tp2979,tp2047,tp411,tp1774,tp2346,tp1082,tp3083,tp366,tp2579,tp2581,tp2580,tp2697,tp361,tp605,tp1677,tp11

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\RX3GZ0SR.txt

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Generic INItialization configuration [Common]
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1452
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.403538116173046
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:3gGwlrFWI5vAVqeJCggyoqf1VXn7GRFlp0unrP+iCP7At3RbLk:3gGweI7eJCg1jn7Gn0unr+iCP7W3k
                                                                                                                                                                                                                                                                                                                                                                                MD5:B2A05F86E104C98584C013B0AC83DFD1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:33701F3EA2EC5F48A403E04F3CDB02B95BFA872D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:47BB4C665FD7A215A291C0E379C0312C5771CD6ED419B035906351D19B750250
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:43F3E65013B69027827218CBB89BD0AA1EA4BE2F1C0B3D7F1DD47378209519415CEC1ECC159D682B18D5628E0CD0BCB59EEB2BACD20D231741B9090DDB3DF076
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[Encrypt]..CCPOC=DISABLED..DTNP=1200..DUNP=900..[Common]..AlphaIntegration=1..AlphaMigration=1..AU2=1..AUTNV=0..CCAM=DISABLED..CCNU=0..CCT=ENABLED2..DriverScanInterval=7..DriverUpdater=1..DriverUpdaterVersion=1..DumpReporting=1..DUSkipOnboarding=0..GDDEBUG=1..HCAddResults=1..HCDirectCart=0..HCResolveBtn=0..HCSkipAdvanced=0..HealthCheck=1..HealthCheckIpm=1..HealthCheckNF=1..HealthCheckVersion=1..HideRegistry=1..NotificationCentre=1..OPSWATSoftwareUpdater=1..OPSWATSoftwareUpdaterHC=1..PC=0..PCCU=0..PCCUD=5..PE=1..PENP=27..PerformanceOptimizerVersion=1..POSkipOnboarding=0..PrivacyPolicyDate=2024-02-13..ProFeatureCounters=1..PTOOF=0..QuickCleanIpm=1..REU=90..ShowOffers3rdParty=1..SoftwareUpdater=1..SoftwareUpdaterIpm=1..SPERDI=8..SRDI=8..SUExclusions=tp3149,tp848,tp3197,tp2434,tp921,tp236,tp468,tp471,tp2867,tp569,tp570,tp1339,tp2843,tp2594,tp3009,tp1373,tp311,tp571,tp1434,tp2571,tp2845,tp2979,tp2047,tp411,tp1774,tp2346,tp1082,tp3083,tp366,tp2579,tp2581,tp2580,tp2697,tp361,tp605,tp1677,tp11

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Roboto-Bold-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoBoldRoboto BoldVersion 2.001150; 2014Roboto
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162464
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.524438741684788
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:x6X+/XYXXXXXXP9kPbVQdSZr/OkS98QSADOy9w4zb4VB22knj+1NmLVhygfTZluN:x+yZQMOJZDboVB22k5zTW+w
                                                                                                                                                                                                                                                                                                                                                                                MD5:D329CC8B34667F114A95422AAAD1B063
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0A1793926E2EE724CF2FF3FC7ADC745348659F82
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EF2AB0E402D5CB9DE893E263A2C44E57F57FEC3974B0D981BFE84DEC3DAE83A1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34B78978F62FD447C60654E4BE36877EB95AE9B7F616CA59858D2251C47825EEEBEAFD04D317D1E36D4C0FA9122A94D0140A81B2EE69FB08A3237EAC4279BCFC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.5.5.......DGPOSZ.61...<..Y|GSUB.2....b.....OS/2..........`cmap@&Hr...|....cvt .N$.../....BfpgmS.W...-D....gasp............glyf.u./..9....vhdmxWHS7........head.......,...6hhea.&.....d...$hmtxT...........loca....../.....maxp........... name7.c....(....post.m.d....... prep.6~.../..............F>._.<...................N..0.....s.................l.......0.5...............................N.................................3.......3.....f..................P.!....!....GOOG. .........f.... ........:... . .....d.................-.|...@...@...\..._.@.G.K.?...|...(.....^.9...#...n.S.~......._.......F...@...7...i...d...=..._...V.B.}...9...6.....".x...-.).K.b.......<.V.3.......b...s.^.....U...x.(.....U.............V.).....T.......E...(.D.t.;.....#...........I.9.x.`...9.....,.......4.J.D...o.,.B...B.S.H.......E.z.h...m.....F.o...~...o.{.i...B...o...B...o...8.....z.h...................J...0.......".0.j.B.....c...c...Q...........\...].F.V.......M.i.~.F.V.......~.L.Y...7...0...e.......K

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Roboto-Light-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 17 tables, 1st "GPOS", 15 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.Roboto LightRegularVersion 2.001151; 2014Roboto-L
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162420
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.5451429747376
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LX9E5gPCzd+xMOknOhTwLMkaZVn4rEm0n2TCqtUD5Mq6rrdUIDP+Nk/XXLBH:JEa2Mx17TwL67n2Tttu5Mq6vNmyXXLBH
                                                                                                                                                                                                                                                                                                                                                                                MD5:7B5FB88F12BEC8143F00E21BC3222124
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2E3148D213B15328EBEBBA14E828FB3BF79634EE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E7EA653DDEC2D2A74D0DCBFF099C009CC7469EC323A50C89A2915CE44CA4C0B4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:266D424E8BDB4128472618CE6AFB18BA7A5D2924548706864104B1FB74BDB3C9F0FB1BD8D8E1B0C7241FB54E3BBB42D35BB180EFD7378B2BCF3C352A0F694DAE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:............GPOS.......4..Q.GSUBL.(...a....hOS/2.C.........`cmap@&Hr...l....cvt ..).../....Rfpgms.....-4....gasp.......(....glyf...T..9....thdmx!...........head.3.........6hhea...k...T...$hmtx...*........loca..,.../.....maxp...\...x... name<.n....8....post.m.d....... prep..m3..................n._.<...................N.. .....s.................l.....7. .E...............................Y...............r.......q.,.......3.......3.....f..................P.!....!....GOOG.@.........f.... ........:... . .....d.....................L.....U.o.s...m...l.\.w.......!.e.....K...<.J.1.....-...o.x.o...o.i.o.b.o.C.o...o...o.M.o.j.o.e.......<...M.m...%.|...T.N.q.........2...=...........x.......!...g.G.....7...........j.}.....j.y.......X...4.B.......,.=...7.......Z.....'.0.....T.M.t...I.g.I.d.o.....^.r.l.".Z...?.p.l.d.......................e...{.Z.o...v.l.......e.....e.....&...?...0... ...W...D.........z.......[.w...]...m...,.......f.q...e.k.......{.].|.j.f.j.j.....=.T...L...G.@.|.t.....S.......b...~....

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Roboto-Regular-v1[1].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162876
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.532050095534921
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:jgWSNgHPoqWL1MMeFchiZ414XtvlbjybHp/rGazzxla34cS2FXzyuDAbM5hDWH3b:jrsHYt56Nklyuk8WMoBiul
                                                                                                                                                                                                                                                                                                                                                                                MD5:AC3F799D5BBAF5196FAB15AB8DE8431C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CB0CB91A31F43293BD7042DDAB945CE161C29D3D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F0E5A21BF5C95E4C1BCE2BE98A3656EBCC6D42A21F41C4E3EBF69DD815702E54
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A8B7F0F8759FCE064B8576429A59A0B18BFC7A6AA3B140AF43EC665FFAAD2A1CB27A2BD745435113894EC5D607A3EA706F92C19CA5A233D87F464362DD6063CB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.W.Y.......DGPOSJr....0..R$GSUB.....dT....OS/2...........`cmap@.Iv...|....cvt $A..../....Lfpgmg.\...-D....gasp............glyf.....9....6hdmx78..........head.F.....,...6hhea.......d...$hmtx..........loca..g...0(....maxp........... name5ScY...(....post.m.d....... prept...../..............*Y._.<...................N......0.s.................l.....I...J.0.............................T.................................3.......3.....f..................P.!....!....GOOG.@.........f.... ........:... . .....d...........................w.~.n...i...e.e.g.......&.r.....N.....5.%.....L...~.s.~...~.].~.^.~.5.~...~...~.M.~.p.~.d.......)...H.d.........K./.j.8.......5.w.?.......l...s.z.....-...j.5.....N.............v.......m.......P...1.0.........=...9.......V.....H.(.....X.@.....y.9.Z.m.}...0.\..._.=.]...<.}.`.h.......................j.....[.}....._..... ._.....i.....!...+...).......X...@.........q.......`.i...[...i...........Z.X.f.I.[.......f.n...J.Z...x.....F.a...B...>...{.......C

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\Roboto-Regular-v1[2].ttf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.001101; 2014Roboto-Regular
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):162876
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.532050095534921
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:jgWSNgHPoqWL1MMeFchiZ414XtvlbjybHp/rGazzxla34cS2FXzyuDAbM5hDWH3b:jrsHYt56Nklyuk8WMoBiul
                                                                                                                                                                                                                                                                                                                                                                                MD5:AC3F799D5BBAF5196FAB15AB8DE8431C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CB0CB91A31F43293BD7042DDAB945CE161C29D3D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F0E5A21BF5C95E4C1BCE2BE98A3656EBCC6D42A21F41C4E3EBF69DD815702E54
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A8B7F0F8759FCE064B8576429A59A0B18BFC7A6AA3B140AF43EC665FFAAD2A1CB27A2BD745435113894EC5D607A3EA706F92C19CA5A233D87F464362DD6063CB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........... GDEF.W.Y.......DGPOSJr....0..R$GSUB.....dT....OS/2...........`cmap@.Iv...|....cvt $A..../....Lfpgmg.\...-D....gasp............glyf.....9....6hdmx78..........head.F.....,...6hhea.......d...$hmtx..........loca..g...0(....maxp........... name5ScY...(....post.m.d....... prept...../..............*Y._.<...................N......0.s.................l.....I...J.0.............................T.................................3.......3.....f..................P.!....!....GOOG.@.........f.... ........:... . .....d...........................w.~.n...i...e.e.g.......&.r.....N.....5.%.....L...~.s.~...~.].~.^.~.5.~...~...~.M.~.p.~.d.......)...H.d.........K./.j.8.......5.w.?.......l...s.z.....-...j.5.....N.............v.......m.......P...1.0.........=...9.......V.....H.(.....X.@.....y.9.Z.m.}...0.\..._.=.]...<.}.`.h.......................j.....[.}....._..... ._.....i.....!...+...).......X...@.........q.......`.i...[...i...........Z.X.f.I.[.......f.n...J.Z...x.....F.a...B...>...{.......C

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\ZTA0I6KA.txt

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Generic INItialization configuration [Common]
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1452
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.403538116173046
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:3gGwlrFWI5vAVqeJCggyoqf1VXn7GRFlp0unrP+iCP7At3RbLk:3gGweI7eJCg1jn7Gn0unr+iCP7W3k
                                                                                                                                                                                                                                                                                                                                                                                MD5:B2A05F86E104C98584C013B0AC83DFD1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:33701F3EA2EC5F48A403E04F3CDB02B95BFA872D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:47BB4C665FD7A215A291C0E379C0312C5771CD6ED419B035906351D19B750250
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:43F3E65013B69027827218CBB89BD0AA1EA4BE2F1C0B3D7F1DD47378209519415CEC1ECC159D682B18D5628E0CD0BCB59EEB2BACD20D231741B9090DDB3DF076
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[Encrypt]..CCPOC=DISABLED..DTNP=1200..DUNP=900..[Common]..AlphaIntegration=1..AlphaMigration=1..AU2=1..AUTNV=0..CCAM=DISABLED..CCNU=0..CCT=ENABLED2..DriverScanInterval=7..DriverUpdater=1..DriverUpdaterVersion=1..DumpReporting=1..DUSkipOnboarding=0..GDDEBUG=1..HCAddResults=1..HCDirectCart=0..HCResolveBtn=0..HCSkipAdvanced=0..HealthCheck=1..HealthCheckIpm=1..HealthCheckNF=1..HealthCheckVersion=1..HideRegistry=1..NotificationCentre=1..OPSWATSoftwareUpdater=1..OPSWATSoftwareUpdaterHC=1..PC=0..PCCU=0..PCCUD=5..PE=1..PENP=27..PerformanceOptimizerVersion=1..POSkipOnboarding=0..PrivacyPolicyDate=2024-02-13..ProFeatureCounters=1..PTOOF=0..QuickCleanIpm=1..REU=90..ShowOffers3rdParty=1..SoftwareUpdater=1..SoftwareUpdaterIpm=1..SPERDI=8..SRDI=8..SUExclusions=tp3149,tp848,tp3197,tp2434,tp921,tp236,tp468,tp471,tp2867,tp569,tp570,tp1339,tp2843,tp2594,tp3009,tp1373,tp311,tp571,tp1434,tp2571,tp2845,tp2979,tp2047,tp411,tp1774,tp2346,tp1082,tp3083,tp366,tp2579,tp2581,tp2580,tp2697,tp361,tp605,tp1677,tp11

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\info[1].json

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:modified
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):338
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.915916917886737
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6:YEMxL0nOHIMR4Bk9zs7XK4d+2pHMAaNmdX2Jt1BmtOoEr20VVi3L1nJWA/+1CY:YDxLBHxR4B4I6++2pHMAaNmd4t1Bm9El
                                                                                                                                                                                                                                                                                                                                                                                MD5:D522B89FFF96F51FA1C685B92C148074
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E7AA830A3253F535BA353C08A91CCF89C0619B34
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9980C8190E5AADB37FFBAC5952355D9EB4157ED9FB6FA9263E8A3FB198C7CC79
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1B78AA6B6CA83EB34228BC574BCFD139BB03B0F453F50BC4DB353DBBBE2C01FE673A03455D15EC939F6D8812A69168BA44AB887AC8CF44D94BCBDBB52E1F0089
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"asnNumber":3356,"asnOrganization":"LEVEL3","city":"New York","continent":"North America","continentCode":"NA","country":"US","countryName":"United States","ip":"8.46.123.75","isp":"CenturyLink","latitude":40.7123,"longitude":-74.0068,"organization":"CenturyLink","postalCode":"10118","subdivisions":["NY"],"timezone":"America/New_York"}

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\info[2].json

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):338
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.915916917886737
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6:YEMxL0nOHIMR4Bk9zs7XK4d+2pHMAaNmdX2Jt1BmtOoEr20VVi3L1nJWA/+1CY:YDxLBHxR4B4I6++2pHMAaNmd4t1Bm9El
                                                                                                                                                                                                                                                                                                                                                                                MD5:D522B89FFF96F51FA1C685B92C148074
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E7AA830A3253F535BA353C08A91CCF89C0619B34
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9980C8190E5AADB37FFBAC5952355D9EB4157ED9FB6FA9263E8A3FB198C7CC79
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1B78AA6B6CA83EB34228BC574BCFD139BB03B0F453F50BC4DB353DBBBE2C01FE673A03455D15EC939F6D8812A69168BA44AB887AC8CF44D94BCBDBB52E1F0089
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"asnNumber":3356,"asnOrganization":"LEVEL3","city":"New York","continent":"North America","continentCode":"NA","country":"US","countryName":"United States","ip":"8.46.123.75","isp":"CenturyLink","latitude":40.7123,"longitude":-74.0068,"organization":"CenturyLink","postalCode":"10118","subdivisions":["NY"],"timezone":"America/New_York"}

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\T9RRWRNL\info[3].json

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):338
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.915916917886737
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6:YEMxL0nOHIMR4Bk9zs7XK4d+2pHMAaNmdX2Jt1BmtOoEr20VVi3L1nJWA/+1CY:YDxLBHxR4B4I6++2pHMAaNmd4t1Bm9El
                                                                                                                                                                                                                                                                                                                                                                                MD5:D522B89FFF96F51FA1C685B92C148074
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E7AA830A3253F535BA353C08A91CCF89C0619B34
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9980C8190E5AADB37FFBAC5952355D9EB4157ED9FB6FA9263E8A3FB198C7CC79
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1B78AA6B6CA83EB34228BC574BCFD139BB03B0F453F50BC4DB353DBBBE2C01FE673A03455D15EC939F6D8812A69168BA44AB887AC8CF44D94BCBDBB52E1F0089
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"asnNumber":3356,"asnOrganization":"LEVEL3","city":"New York","continent":"North America","continentCode":"NA","country":"US","countryName":"United States","ip":"8.46.123.75","isp":"CenturyLink","latitude":40.7123,"longitude":-74.0068,"organization":"CenturyLink","postalCode":"10118","subdivisions":["NY"],"timezone":"America/New_York"}

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):64
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.34726597513537405
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Nlll:Nll
                                                                                                                                                                                                                                                                                                                                                                                MD5:446DD1CF97EABA21CF14D03AEBC79F27
                                                                                                                                                                                                                                                                                                                                                                                SHA1:36E4CC7367E0C7B40F4A8ACE272941EA46373799
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:@...e...........................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.chk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):8192
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0641560893037458
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:gttf7XClRllottf7XClRll:gttScttS
                                                                                                                                                                                                                                                                                                                                                                                MD5:5040A8BCC00CDD51F643AE1A4D649480
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FEF64719DFB163BEE51C9149F3E3EEBC0F314BED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:22644D50CF1FC5CCE30618E714D31E6FB5C545B3DEFC9F30CB42A32B64F7E20D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C835BD2F683011593CDA230FB21862C85C94938D32937E0D784E783CBAC8D8D2D25FB1A826286A6EB99DB8AB92B554810107D3DACFD8472215E2FC7906AB947D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.7....................("...{q.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\V01.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):524288
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.03290513261836289
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:il66DN6DqriypvTDN6DdiXyqisIJDN6DqDi:zaNaA5/NadFNa
                                                                                                                                                                                                                                                                                                                                                                                MD5:CD1B845379178AB0C9A66D6F97A13073
                                                                                                                                                                                                                                                                                                                                                                                SHA1:44297E240A971F2EFAAB72AA5CFD470A14F8EDBE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:91CC0E385F0DCE593EC25B409CB669545ABD8995BC4419BBAD9C2E51CF58ADAD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8716B62863284A6A7356EBBE1E872BE98B0B480627585196CA35733E7DDDCA05EE48886D6E93A56FE1A1EF3318B706BBAC30129B0F609BED4D724549EA63A6C6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:\.@.............5....|.......{..........<......("...{q.................C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\............................................................................................................................................................................................................C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\.............................................................................................................................................................................................................0u.............................................v..........H..$.....#......... ...!......_.......h.w.....6.t.....E{ow("...{..................C.:.\.U.s.e.r.s.\.a.l.f.o.n.s.\.A.p.p.D.a.t.a.\.L.o.c.a.l.\.M.i.c.r.o.s.o.f.t.\.W.i.n.d.o.w.s.\.W.e.b.C.a.c.h.e.\.W.e.b.C.a.c.h.e.V.0.1...d.a.t..........................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Extensible storage engine DataBase, version 0x620, checksum 0xe90d2be5, page size 32768, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16777216
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.8371731775820698
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:6dfjZb5aXEY2waXEY24URlWeoAPXAP5APzAPwbndOM8pHAPFJnTJn/bnXotnBQ+i:4VA4e8DyIaKKjFp2ONseWi
                                                                                                                                                                                                                                                                                                                                                                                MD5:B2D2458169EB4F3E229EB4341FC4C0B9
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6487A89D1974557D3983AC24640617A3B1BB10A4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0DC06C0125996A11E9B4D9EB83F72BAEB3D2A4344F5BC4308105689F44602F4A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F389DE91DE26B07A648D4C9D50E8C865F46E95259840F86FE908F20F339A3F235C710E97FB0D555A5C80169522822104581C495816334685934D15E654456BF7
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..+.... ........!......E{ow("...{......................6....... ....|]......|..h..............................("...{q............................................................................................._...........eJ......n........................................................................................................... .......5....|...................................................................................................................................................................................................{].................................L.M......|...........................|...........................#......h.......................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.jfm

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16384
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.12417646297520757
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:NiD9zVUll/fMGBuG/XAvS4wl/iNlallnQRl9Nlvunle9YlZHaz6nla8/IavYn/nm:UhZ0tiNAeROle+hlpAaw0A
                                                                                                                                                                                                                                                                                                                                                                                MD5:919BD393424ADC3C7310B3C0D6893D63
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4A01C45E724E6F59E08503D78DD6D37CE62A5C4C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8A2E5C3D3E48DDEDEA97F00F2518C20925D15E444E7A7E3E839815CB33198441
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0F19E4EA7553D99170EB51E0375D4DF028CAA376E50D515FADD46B6687C08661722868F240811C21C135377ECF7118C2F123EE62270E886F21716F300D07F140
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.Bc.....................................("...{.......|.. ....|]......... ....|]. ....|]..2.. ....|]..........................|..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\6358C710-B89F-46B9-93F2-F6CAC44F5286

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1216
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.896278676253474
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:V98uCCno8O1hU0ss8kq4RUMnImyTTlpbaRyqQgAJLEoa6HAe2ewsGYlwn:V98uBno870a2ejbf77LELKAe2e7GYlwn
                                                                                                                                                                                                                                                                                                                                                                                MD5:601E3685D8C4B506DBEC08041DD75557
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2F2FFD9312F257CA23EB40FE584DED3ECC494FF5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F9657B989954644F9C55065B2A055144F655AE0F46D6B100DF347E9A5A6FA72D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:17AEE1E106C32BF2C7FF5A7DF3B38E3A23A1EB68035E71EC051E301E9D3B63F0037608B28A9A7977A6F959C351B1DC6AFE937226EB290D652C5B166CD5B78806
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.y.Y.z.C.K.t.f.N.2.k.O.R.I.J.2.O.a.d.S.y.S.w.Q.A.A.A.A.C.A.A.A.A.A.A.A.Q.Z.g.A.A.A.A.E.A.A.C.A.A.A.A.D.o.K.J.f.b.M.l.v.7.L.J.c.f.x.3.7.d.2.c.v.z.l.b.b.D.J.b.n.0.g.a.T.4.4.D.o.e.w.G.C.g.s.Q.A.A.A.A.A.O.g.A.A.A.A.A.I.A.A.C.A.A.A.A.C.k.g.3.E.1.r.K.O.r.g.I.2.t.R.b.V.4.r.n.d.2.W.b.j.i.P.u.P.0.j.Y.J.a.s.c.5.T.v.M.s.6.F.v.A.A.A.A.C.y.X.O.D.l.z.d.C.K.u.o.q.u.d.X.d.I.r.+.N.0.8./.q.u.5.0.p.W.Q.M.t.p.f.J.5./.6.o.z.R.r.P.p.E.a.K.y.Q.S.g.r.W.l.F.E.4.J.R.d.S.Q.h.w.l.M.q.l.A.q.l.q.n.4.J.7.L.Y.E.n.z.I.d.z.u.U.Y.O.k.k.7.V.a.V.b.t.3.y.r.v.p.i.C.1.4.L.b.4.F.2.S./.Z.8.0.f.a.f.o.3.6.o.O.s.u.a.9.A.P.9.X.8.n.+.1.+.R.U.Y.p.i.z.Z.C.G.7.r.8.+.m.S.W.I.9.o.z.b.L.u.F.c.v.q.g.K.Z.c.4.R.I.X.b.c.x.3.t.p.G.x.W.z.W.O.c.P.9.d.Z.G.d.7.q.2.6.c.n.3.4.5.j.w.J.8.h.i.g.k.V.C.3.n.d.u.V.2.5.G.3.h.b.F.i.7.U.S.u.O.p.t.F.E.Q.p.S.o.z.0.Z.r.x.1.O.R.U.D.k.a.z.G.B.y.h.I.G.+.B./.p.e.k.0.b.l.u.I.I.G.h.M.c.z.e.Y.f.O.h.O.W.E./.z.r.V.4.V.r.Y.9.v.p.7.l.F.t.D.8.h.k.2.D.v.S.r.G.Z.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\CheckUpdate.log

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:U:U
                                                                                                                                                                                                                                                                                                                                                                                MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:1

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\D566D7D7-DCD6-471C-8109-BE0AD33199E3

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):64
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7165786642591
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CGKMTlsQldIHldFQDIKQykS:zKMvoHlQUS
                                                                                                                                                                                                                                                                                                                                                                                MD5:9D5A5C4D50147F5B12DDA3A3A882AAD5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5E7770402A048B6D3C542D3807937ADA8C21106E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C5DC37FDD09816EDCED35CFB6884A4D219F0D82009A62417A76668619285334A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:68354A3CAC42BED7385005B2A53FCE4721EA0C02D26D2253FE5E794B3B6ACC3D86736C6F7C54678266E78C6B0E82285B6CA95ABFA05AD160D18F0F898D4CB329
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:9.0.F.8.6.7.5.3.A.1.6.A.5.8.7.B.B.8.8.5.B.F.1.6.1.3.6.7.F.6.3.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\F07D8C6A-04B6-4025-869C-70A788D7B5C0

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.82483672359337
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:ylglHl5bRbi/n5ROSroalE+n/:2gUP5ISZlE+/
                                                                                                                                                                                                                                                                                                                                                                                MD5:CFE1F6460AEA86C69B9EA25558ED8D3B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C66E5184614910E767F878FBB03028DD2467B033
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9F5235FFB74367BF0F50A6AB1E4C31985506234644205711F579EABEB3F066C4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D655679E370800C7A3F0ECA84B51149900854018E6C7AD38A29027CB9B4DF51154054B34AD1C6A15FA515BA1C7A1B6E529288F183C30C45991832F76961E2A15
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:5.b.3.2.4.b.b.f.-.8.3.4.d.-.4.d.5.4.-.8.f.4.1.-.6.c.f.8.e.a.5.0.5.5.0.8.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.875
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:RGXKRjg0Nvn:z39n
                                                                                                                                                                                                                                                                                                                                                                                MD5:1D6FDAA7EF714D4D0FB521BB97B39B38
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BA0E890A5813E64460226F9A9D29D76CBC294EF1
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B70B20593283E695ACF308CD0ECC0182582BEE6ECD4F8B3E4F7C040A760B33E7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9159F977D7C6DC459A7AC4B982BC3F006E6F9D2999DECD2883FB8C981DB1EC14DC5DE10AA0A8815943CDD8EE35D8C04922A81098669727C70903108BFCF08517
                                                                                                                                                                                                                                                                                                                                                                                Malicious:true
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:Microsoft Edge..

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\OPSD146.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.875
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:RGXKRjg0Nvn:z39n
                                                                                                                                                                                                                                                                                                                                                                                MD5:1D6FDAA7EF714D4D0FB521BB97B39B38
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BA0E890A5813E64460226F9A9D29D76CBC294EF1
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B70B20593283E695ACF308CD0ECC0182582BEE6ECD4F8B3E4F7C040A760B33E7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9159F977D7C6DC459A7AC4B982BC3F006E6F9D2999DECD2883FB8C981DB1EC14DC5DE10AA0A8815943CDD8EE35D8C04922A81098669727C70903108BFCF08517
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:Microsoft Edge..

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_24vkofhx.vjg.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_btr0o3gs.1qx.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_bvinwzbu.ati.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_cfn2fhoy.a3h.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_dsrhdxjx.deb.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_gkfrcbtq.ffe.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_los2spzx.je4.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_newecgpf.mab.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_oaxwrmsj.2yy.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_uqskywbl.jp4.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_w32iczjm.tbz.psm1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_ydhbtu23.hsf.ps1

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                                                                                MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\asw66ac836ee4d4c90c.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.9889227488523016
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CUdrllHh/:HJ/
                                                                                                                                                                                                                                                                                                                                                                                MD5:28D6814F309EA289F847C69CF91194C6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:GIF89a.............,...........D..;

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\aswa246ed9ee05d79f1.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.9889227488523016
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CUdrllHh/:HJ/
                                                                                                                                                                                                                                                                                                                                                                                MD5:28D6814F309EA289F847C69CF91194C6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:GIF89a.............,...........D..;

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\aswddb84324c9d9bb2d.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.9889227488523016
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CUdrllHh/:HJ/
                                                                                                                                                                                                                                                                                                                                                                                MD5:28D6814F309EA289F847C69CF91194C6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0F4E929DD5BB2564F7AB9C76338E04E292A42ACE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8337212354871836E6763A41E615916C89BAC5B3F1F0ADF60BA43C7C806E1015
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1D68B92E8D822FE82DC7563EDD7B37F3418A02A89F1A9F0454CCA664C2FC2565235E0D85540FF9BE0B20175BE3F5B7B4EAE1175067465D5CCA13486AAB4C582C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:GIF89a.............,...........D..;

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsr3318.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):244262190
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.892630976263624
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3145728:B8Kn/M7+IGaUKzZGO+Pm/AY1kG7HPU+mzyxkiY1LIYULJ:BRvEbpEyxkfLIYs
                                                                                                                                                                                                                                                                                                                                                                                MD5:E6BA5FD37D131AB19B97795B60B40AB4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8445CCFE887F4024882FF551DE4BFA381917046B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CB9489FF30541BF8AD6D429C1C349250D5B5A832D5CF148621ACB231B3A576C4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:30BADEA04E97B9D1665B24DB844C45CB85AC70733ACF289B965E30DDE10D4FE55A96D2B206804677D15130326D94FAA620B28D956195E7B2BF502BF9E14EB3C7
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:........,................B... ..D...........<...&.......................................................b.......b...........i...O...........................................................................................................................................................................f...j.......O...S...Z.......................................................................................................................}.......C................................................%..................G...................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ButtonEvent.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5120
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.070048832652426
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:a7sTTDi+BjvqYR4gYFmsHFpXq65lZ9W5wOXnhLk4nOvlWxG5PZKuB:ri+BjSXgY8sHFE6TzWXzncsGSm
                                                                                                                                                                                                                                                                                                                                                                                MD5:C24568A3B0D7C8D7761E684EB77252B5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:66DB7F147CBC2309D8D78FDCE54660041ACBC60D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E2DA6D8B73B5954D58BAA89A949AACECE0527DFB940CA130AC6D3FD992D0909D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5D43E4C838FD7F4C6A4AB6CC6D63E0F81D765D9CA33D9278D082C4F75F9416907DF10B003E10EDC1B5EF39535F722D8DBFAB114775AC67DA7F9390DCC2B4B443
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 3%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........................Q..............A.......i.......Y.......X......._.....Rich....................PE..L....*.M...........!......................... ...............................`............@..........................!......\ ..<....@.......................P....................................................... ..4............................text...:........................... ..`.rdata....... ......................@..@.data...l....0......................@....rsrc........@......................@..@.reloc..2....P......................@..B........................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\INetC.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):24064
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.321814815133819
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:l4Z8sUAUNuGGsPVPEZ+OLkCnFJDhgvZwcRa9h9S4y4fO:lG8sUAUnt88CFJDhmajMA
                                                                                                                                                                                                                                                                                                                                                                                MD5:7760DAF1B6A7F13F06B25B5A09137CA1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CC5A98EA3AA582DE5428C819731E1FAECCFCF33A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5233110ED8E95A4A1042F57D9B2DC72BC253E8CB5282437637A51E4E9FCB9079
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D038BEA292FFA2F2F44C85305350645D504BE5C45A9D1B30DB6D9708BFAC27E2FF1E41A76C844D9231D465F31D502A5313DFDED6309326D6DFBE30E51A76FDB5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........G.G.G.G.^.%...C.....F.(.C.(.D.G...A..F...F....F.RichG.........................PE..L...7M.N...........!.....,...8......A;.......@.......................................................................I..l....A..x....p...............................................................................@...............................text....+.......,.................. ..`.rdata.......@.......0..............@..@.data........P.......<..............@....rsrc........p.......P..............@..@.reloc...............V..............@..B................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\System.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):12288
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.814115788739565
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
                                                                                                                                                                                                                                                                                                                                                                                MD5:CFF85C549D536F651D4FB8387F1976F2
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D41CE3A5FF609DF9CF5C7E207D3B59BF8A48530E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8DC562CDA7217A3A52DB898243DE3E2ED68B80E62DDCB8619545ED0B4E7F65A8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:531D6328DAF3B86D85556016D299798FA06FEFC81604185108A342D000E203094C8C12226A12BD6E1F89B0DB501FB66F827B610D460B933BD4AB936AC2FD8A88
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......qr*.5.D.5.D.5.D...J.2.D.5.E.!.D.....2.D.a0t.1.D.V1n.4.D..3@.4.D.Rich5.D.........PE..L.....Oa...........!....."...........*.......@...............................p............@..........................B.......@..P............................`.......................................................@..X............................text.... .......".................. ..`.rdata..c....@.......&..............@..@.data...x....P.......*..............@....reloc.......`.......,..............@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\UserInfo.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4096
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.3422620069068625
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:qKDBQE7F4aBr1wH8l9QIXTZShMmj3jkCTbGr7X:5WkFZruHSXTH6jkCnGr7X
                                                                                                                                                                                                                                                                                                                                                                                MD5:2F69AFA9D17A5245EC9B5BB03D56F63C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E0A133222136B3D4783E965513A690C23826AEC9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E54989D2B83E7282D0BEC56B098635146AAB5D5A283F1F89486816851EF885A0
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BFD4AF50E41EBC56E30355C722C2A55540A5BBDDB68F1522EF7AABFE4F5F2A20E87FA9677EE3CDB3C0BF5BD3988B89D1224D32C9F23342A16E46C542D8DC0926
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......K..................[.........Rich..........................PE..L...!.Oa...........!................~........ ...............................P............@.........................@"......l ..<............................@..p.................................................... ..L............................text............................... ..`.rdata....... ......................@..@.data...h....0......................@....reloc.......@......................@..B................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\a\asdk.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1098648
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.667490399491581
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:U/TjOExADWCIvLhqBHp0ZdGXSfScVggggMu7QNb+a/aoV4Vax1gIzKLORnf68LjN:KqExXWfCPggggMuOZaoVyaxoLOY83
                                                                                                                                                                                                                                                                                                                                                                                MD5:E3F60A2CF6B1D155F5F7D17615907013
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8191871854DCBCC4FE34218040215581B0FCCF43
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:74FCD2367FB1D9C0084547EBAF1C6DB081946453A5D0A2D668D83D3C489A60A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:20A57A1D2CE3D081958B4B3B48F1C902039F26DD28ABCAC94FAD6F20E8E5D630BBFD2365EB7200F7C8D676C593CB3DC465A406E8536ABDF63BD7EF76BB86DF2B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$.........cH.............l.........................................................................K....................i...v...i......i............i......Rich...................PE..L...Z.hc...........!.....:..........p........P......................................'9....@A............................H............0..p...........H...P)...@..H.......................................@............P...............................text...Z9.......:.................. ..`.rdata.......P.......>..............@..@.data... .... ......................@....rsrc...p....0......................@..@.reloc..H....@......................@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\g\gcapi_dll.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (console) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):356864
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.662745889899097
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:O3RIclFikwwYUP5SvL8z6uNMw4n8kUddV6F8Q4cfRUWj/aNTcES:O36SwwviL8VgnaddV6F8Q4cZBzES
                                                                                                                                                                                                                                                                                                                                                                                MD5:2973AF8515EFFD0A3BFC7A43B03B3FCC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4209CDED0CAAC7C5CB07BCB29F1EE0DC5AC211EE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D0E4581210A22135CE5DEB47D9DF4D636A94B3813E0649AAB84822C9F08AF2A0
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B6F9653142EC00B2E0A5045F0F2C7BA5DBBDA8EF39EDF14C80A24ECAB3C41F081EB466994AAF0879AC96B201BA5C02D478275710E4D08B3DEBC739063D177F7E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......s..e7.67.67.6q.x65.6._m65.6.c^66.6:.x6..6:.F6..6:.y6..6J.|6..6._v6,.67.6..6J.x6..6J.E66.6:.B66.67..66.6J.G66.6Rich7.6................PE..L.....5W.........."!.....J...X...............`............................................@.........................0#.......$...................................-...c..................................@............`......t"..@....................text....I.......J.................. ..`.rdata.......`.......N..............@..@.data....L...@......."..............@....tls.................<..............@....rsrc................>..............@..@.reloc...-...........D..............@..B........................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\modern-header.bmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PC bitmap, Windows 3.x format, 150 x 57 x 24, image size 25764, resolution 3780 x 3780 px/m, cbSize 25818, bits offset 54
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):25818
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.1555809525391862
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Anwo+LwPEEEfWtnriL0Wklls3yXyxATVQ89GHTsbAiveyUTe/ES33/zTXNpF:Va8E904nz9y+8zskivDLn/vR
                                                                                                                                                                                                                                                                                                                                                                                MD5:079CB79B69190FFB3A584A7344E34197
                                                                                                                                                                                                                                                                                                                                                                                SHA1:35A450167CD54BEAF5D50BD85E00858A6684C724
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AB3DEA92A333E89F41BB310D5B5D5A52B80D2AEDF78B0516F2B1A6A9AF69B222
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CBCD40BB163BC51DF0E42A2CE3565848734B8FD6065592CB90270182B7473ECBA71D0623505CA2C5654C9D65E16394AC55919D4018BBEFE0CB72489579593E18
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:BM.d......6...(.......9............d....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\modern-wizard.bmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PC bitmap, Windows 3.x format, 164 x 314 x 24, image size 154488, resolution 3780 x 3780 px/m, cbSize 154542, bits offset 54
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):154542
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.8895357436613915
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:lyd0OiQa2gwsuT5fZpd1AEtgTiVV0U1ho410uR3W:lydd1nrHtTZG
                                                                                                                                                                                                                                                                                                                                                                                MD5:8BD95FBD159E00B9823FE8D60CCF9B50
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C55E1A485062EFCAE2AC4D4AA43172A0D8DC9413
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6EF238FAFC028BA028EACBFF28BCC670CD7213DF9318F99F619AC3E2988D16F3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1BBF9D41D3180CFDDB99E300142B619DDBC225A099A43E8755AECB44000A4248A7606D04BBEA3C1E65143FC488C40D30FCF9BDD418174BD821247B932977F86F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:BM.[......6...(.......:...........x[....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsDialogs.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9728
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.158136237602734
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
                                                                                                                                                                                                                                                                                                                                                                                MD5:6C3F8C94D0727894D706940A8A980543
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0D1BCAD901BE377F38D579AAFC0C41C0EF8DCEFD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:56B96ADD1978B1ABBA286F7F8982B0EFBE007D4A48B3DED6A4D408E01D753FE2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2094F0E4BB7C806A5FF27F83A1D572A5512D979EEFDA3345BAFF27D2C89E828F68466D08C3CA250DA11B01FC0407A21743037C25E94FBE688566DD7DEAEBD355
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Antivirus:
                                                                                                                                                                                                                                                                                                                                                                                • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......|..c8O`08O`08O`08Oa0.O`0.@=05O`0llP0=O`0.If09O`0.od09O`0Rich8O`0........PE..L.....Oa...........!.........0......g........0............................................@..........................6..k....0.......p...............................................................................0...............................text............................... ..`.rdata..{....0......................@..@.data...h!...@......................@....rsrc........p....... ..............@..@.reloc..~............"..............@..B................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\nsProcess.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4608
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.703695912299512
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:Sz4joMeH+Iwdf8Rom/L+rOnnk5/OCnXeAdbdOAa4GPI+CJ87eILzlq7gthwIsEQW:64c/eFdfS/SSnkxNa4G+ueqPuCtGsj
                                                                                                                                                                                                                                                                                                                                                                                MD5:F0438A894F3A7E01A4AAE8D1B5DD0289
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B058E3FCFB7B550041DA16BF10D8837024C38BF6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:30C6C3DD3CC7FCEA6E6081CE821ADC7B2888542DAE30BF00E881C0A105EB4D11
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F91FCEA19CBDDF8086AFFCB63FE599DC2B36351FC81AC144F58A80A524043DDEAA3943F36C86EBAE45DD82E8FAF622EA7B7C9B776E74C54B93DF2963CFE66CC7
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........s.I...I...I...n}f.L...I...P...@..K...@..H...@..H...RichI...........................PE..L...\..N...........!......................... ...............................`.......................................#....... ..<....@.......................P..|.................................................... ..d............................text............................... ..`.rdata....... ......................@..@.data... ....0......................@....rsrc........@......................@..@.reloc.......P......................@..B................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\ServiceUninstaller.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):509424
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.731421785316144
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:Iuxv89zhwE04WSrOzqCxHoRNR4DdjuJjQn6nPOy:ZJ5SrOzqCZxDdjuVe6nPn
                                                                                                                                                                                                                                                                                                                                                                                MD5:3053907A25371C3ED0C5447D9862B594
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F39F0363886BB06CB1C427DB983BD6DA44C01194
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0B78D56ACEEFB4FF259660BD55BBB497CE29A5D60206B5D19D05E1442829E495
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:226530658B3E1530F93285962E6B97D61F54039C1BBFCBC5EC27E9BA1489864AECD2D5B58577C8A9D7B25595A03AA35EE97CC7E33E026A89CBF5D470AA65C3E8
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......j.v#...p...p...p:..q#..p:..q...p:..q6..p|..q>..p|..q9..p|..qg..p:..q)..p'..p,..p...p...px..q'..px..q/..px..p/..p..p/..px..q/..pRich...p........PE..L..."-.b...........!................................................................Yy....@A.........................+.......,..P.......h................)......DB......T...............................@............................................text...:........................... ..`.rdata.............................@..@.data....6...@...(...*..............@....rsrc...h............R..............@..@.reloc..DB.......D...X..............@..B........................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\p\pfBL.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):14143176
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.788993076902904
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:196608:fQbSdSbU/SYd7AkCGYnYE86jbH2hkqETkR1Vj7gHqafCs:fQvl7nYE86jqiI1Vj7gHqa6s
                                                                                                                                                                                                                                                                                                                                                                                MD5:9D2793F8B41CFEE6070756EF788CF224
                                                                                                                                                                                                                                                                                                                                                                                SHA1:80489DBECCF34BA5553BEB90022A6159379399E9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AB1006A2D8463C437CAA68C7782624D7ED82D076CAAA9AB4B9ED957290E13275
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2961DFF76CA69B7C11C6D2F2BDFBE63A7B2D4DA5785759B873DD60B4FF3DF72D894AFD04A928353EA71F0FBAECC75AB75E9097B7F9203DBEF90F603321383AD3
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...................................h...........!..L.!This program cannot be run in DOS mode....$.......\Z...;.P.;.P.;.PSC.Q.;.PSC.Q.;.P..*P.;.P...Q.;.P...Q.;.P...Qi;.PSC.Q.;.PSC.Q=;.P.U.Q.;.P.U.Q(;.P.N.Q.;.PNN.Q.;.P.N.Q3;.P.I.Q.;.PNN.Q.;.P.N.Q.8.P.CDP.;.P.;.P;;.PSC.Q.;.P.;.P.8.Pr..Q.9.Pr..Q.;.Pr.(P.;.P.;@P.;.Pr..Q.;.PRich.;.P........PE..L.....+g...........!...&.v....C..... ........................................0......YD....@A............................$...4............................*.......~..@=..T....................=.......<..@............... ............................text...*t.......v.................. ..`.rdata...b+......d+..z..............@..@.data............R..................@....rsrc................0..............@..@.reloc...~...........$..............@..B................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\pfUI.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9707208
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.671024712129659
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:98304:kzbim2B6SUHQ7bL3msslZ7wMM6u6O7uvA28v++etUZKPwTKd2YfxiAP+G+Bd7AtC:kvzJw7AlVwMMmruGJd7iAP+pBdsC
                                                                                                                                                                                                                                                                                                                                                                                MD5:1230E9D7E366AFE85A047738CAFDE496
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F09F697BBF62D2C549A6CCBD613ADE15A150115C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:59B7EAB6EBFECBFAF94D68C646C56F6DA34F9D6A537504B8A2A4477B32A7D42C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1653BBA1CA202445F9F7296D2CE367B863BF23D6D28274F7A24244F16F62D2ABAB9AAC0284E2B5B3646F8066B787A8DCCC2A2BAD53FB19867D038A613CED9422
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........).rrz.rrz.rrz..w{.rrz:.w{.rrz..z.rrz..v{.rrz..q{.rrz..w{.rrz..q{.rrz..v{.rrz|.w{.rrzy.v{.rrz!.v{.rrz..v{.rrz.rrz.rrz).w{.rrz..w{.rrz..t{.rrz!.w{.rrz0.s{.rrz..s{.rrz).v{|qrz...z.rrz.rsz.qrz..{{.prz..r{.rrz..z.rrz.r.z.rrz..p{.rrzRich.rrz........................PE..L...j.+g...........!...&.ZM..tg.....P.)......pM...........................................@A........................p.f.....L.k......P...................*...........^.T...................@.^.......^.@............pM..............................text...[XM......ZM................. ..`.rdata..:....pM......^M.............@..@.data.....%..@l..,..."l.............@....rsrc........P.......Np.............@..@.reloc............................@..B................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\CC_Logo_40x96.png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 40 x 37, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2917
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.919668479594029
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:w7qkcM5Xno7pkNijRBH9wcByGcu892wLdpPHWSSoF5WSy1a1Q+ZcHFtGmD:GeM5XoeuFzvuP5xs2OTGy
                                                                                                                                                                                                                                                                                                                                                                                MD5:D32B0460183056D3056D6DB89C992B88
                                                                                                                                                                                                                                                                                                                                                                                SHA1:79823E151B3438AB8D273A6B4A3D56A9571379B4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B013039E32D2F8E54CFEBDBFDABC25F21AA0BBE9EF26A2A5319A20024961E9A7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3AD36F9D4015F2D3D5BC15EAC221A0ECEF3FCB1EF4C3C87B97B3413A66FAA445869E054F7252CC233CD2BF8F1AA75CB3351D2C70C8121F4850B3DB29951BC817
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...(...%.....0`......sRGB.........IDATX..Xil\..=o..3....1.q"b.,.HS.R...J.EE.*Z.K.R...Z.*..."~..?*U.PK.....KH..(aQ.g..N....>o.....8..8f..;.-w9.|.}Z.....dN>.7..W,.wl@.a4.a.."..F8....E.\...*.<......B...f[0....pu..f ....`v^.h.F4..Pc..3..e0.p.r/..ox.f. ...N .a....%....).6-....<.S...Z...).......|....3.L..w._..,.0b1 ..f..F4.....f.... ..>..:..#..+.V,.....h.......0~ ............q.3):...#_...x/......p.WF+.w@.T.Qy.......BO'.zj'......Qj..+3o...?Dxb.."\...U.$.......`.E.)...i8.X..Yc<...6.L.......).Ri....8..]L.r'..".$....d...."L...o....Lc[$...\.3.l.v.V.l.d........ZU ...<q...z.a...+PuV(Z..[..F.z..../E')r..E.5...lN=..9....(.~.G~.....z...<M.;].7.@.$7*,.E}d.8..6b49.UF...)X.K@.......V .....f........2.......8.G.&.r....y..&...t..;#.X.W......5...l.z.G.:+Wc.7....pQ+v.%d.{.aM#..k.H...W.....(^[..'.^.p.u.I.p.B...F=..T..FguO..g.....?.1Z.w../.0=.....4*.l^....;..5..............*.u7~...e..jv...#........f..f ..z(......X.......dP....#.w'....?D}2.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\CC_logo_72x66.png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 72 x 66, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):7486
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.964739649140705
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:SCVcCARPBHZUeIIPY6ZGH5AESYAsMTwtDhAMq:SlRJ5UeII7wEBJTwSL
                                                                                                                                                                                                                                                                                                                                                                                MD5:A736159759A56C29575E49CB2A51F2B3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B1594BBCA4358886D25C3A1BC662D87C913318CB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:58E75DE1789C90333DAAF93176194D2A3D64F2EECDF57A4B9384A229E81F874F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4DA523A36375B37FA7BC4B4CCF7C93E1DF7B2DA15152EDF7D419927AA1BB271EF8BA27FE734D2F623FCC02B47319E75333DF014BED01EB466E0CD9EC4111EF53
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...H...B......v.!....tEXtSoftware.Adobe ImageReadyq.e<....IDATx..\..\U.>.........N.... .;.Yd..DP.ap..q@d..qp\>..AEP6..E.(.a...hX...Y:K..N.....9wyU.p...q:y]...........5...s..3..[.....FC.D....8-.!(.......E.v....d_....,H6........kXf.i.S)12......P...G<....p(...~......]...=.......>yR.T.T..[.5.0M...&%`.&bB.......o....8.@..}.....+.^..+..(..?v......?.@..b|...klJ~..y..p.q.....p..(>.?0,0 .Fp!..l.<8...........S.(?.d._......{....}.k.........'5..W..g&S.aY...X...gk.....,I...>...M....e.....<......4B6E@.$. ..`y>.....cE..-=..~.cdd....c...N^S..?.J.-..."m."@.>..S4/.H....(..j=.>.8.F6v.t..7...5.. .Z..2.).i...x. X.@.........f.X...u......y.../...cs..h.6M.1a...1.%D\).....R..Sp"...X.t"...ws..^..x3~.....8Q...... .d.>...M....u..8v.=?..:........x.A..$.;....6@....A..U&....L4..4...V........M.L..!..c.T. .UG.r...~.c.cP.X.M......^2..@......6'.O.YD..M.V........4.19..|",@....w.U...,.g.a.".....2.I..&..QM.(f.8.8^|\.<...mL..3....8t.....=.t..I{y.c.#A....M...

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\Montserrat-Regular.otf

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:OpenType font data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):45360
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.905288287751393
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:AhyKKD3ss27ucoAXMH1GyOisclJ1V815wWnmCufcrElJgLDKja5nCwY9ldrij:IKD3ss26fA8H5OisqCufweJWmDwYzcj
                                                                                                                                                                                                                                                                                                                                                                                MD5:27E50FFD6A14CBC8221C9DBD3B5208DC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:713C997CE002A4D8762C2DCC405213061233E4BC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:40FC1142200A5C1C18F80B6915257083C528C7F7FD2B00A552AEEBC42898D428
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0A602F88CFBA906B41719943465EDB09917C447D746BFED5C9CE9C75D077F6AED2F8146697ACD74557359F1AE267CA2A8E3A2CA40FB1633BDE8E6114261ABD90
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:OTTO.......@CFF c\.}........GDEF.S.0...h...(GPOSU.?....`....GSUB3.'.........OS/2h......0...`cmap5.p........@head..t*.......6hhea.A.9.......$hmtxD%:.........maxp.zP....(....name............post...2....... .........p._.<...........>......>.....e.....................>.........e.................z..P..z.....6.........X...K...X...^.2.?............................UKWN.@. ............ .............. .......>.........;.............;...........E...........L...........;.........H.i...................................................................................}.........v.........................!.........:./.......................i.........$..........."..........."...........2.?.........2.?......... .q.........4..Copyright . 2014 by Julieta Ulanovsky. All rights reserved.MontserratRegular1.000;UKWN;Montserrat-RegularVersion 1.000;PS 002.000;hotconv 1.0.70;makeotf.lib2.5.58329 DEVELOPMENTMontserrat-RegularJulieta Ulanovskyhttp://www.zkysky.com.ar/This Font Software is licensed under the SIL

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\PF_computer.png

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 679 x 176, 8-bit/color RGB, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):89461
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.994111178657751
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:true
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:jU6vVsf6Z/r1EJ8yIfDnA2RBjY85YGmr/OOykkT/Ee+liGIQbTZpVa1bUyYgUSF3:jU8GfwhI8Zr/R5B5YfbOfp76liGD9pV0
                                                                                                                                                                                                                                                                                                                                                                                MD5:7F4F45C9393A0664D9D0725A2FF42C6B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B7B30EB534E6DC69E8E293443C157134569E8CE7
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DBD8B6FDB66604A0A5E8EFE269FBFA598E4A94DC146006036409D905209DA42B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0C27F9CE615CBFF3E17FD772CE3929AB4419D7432D96223B7EEC1BA70953F2AC993404B954020247B52D7F7499212D44EB6F85DA2E2676773CAFE1CE89B390F9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...............PY....IDATx..k.-[V.W.9.j......~Cw.41..D...<d.l..E....K1A..r"......X..VL....C^.......8....W....{.9{..9.*...m.....n..g.Z...s....?.........y.....?....3/.|..._.}..y...gyVd16iY.i,.r.}]....bN3....*....{..-..,.?.o......U.m[.e].m.^...u.cU..4.eY...E....\...z[.L.K...YQ.K.].X...}..*...~'..l.f..ee..e.E.....u...,3......)M.....,.E.w-...X..\{...vZ....V...so.6..aO[.......J....Z.E....\...Z.YK..y...YU...u.x...Uo..).gJml..T.OEQU...n[.A.E..>o....K..a...2-.).Z..s..~K...i.,f...!...m[...aJ{./..%-.....*.OZ..!g.!.sJUU......%..|}^....*j.M.4z.4.r....u].$....ZvnQ.U%Y...'.^}BG..V.7.c.....T"......3.*_..6q..P...U...H}_.p..Im..^......i.8l...B......B.m..R.3.[.Ul....^$.3l...L..._.7..N.B-.+...].I?.-.uF.<..hv_..%..j$v.b.l.:K8.....,....\...'.U..Gp..Z....jI$.M`..7.....M..I.j.}...A......|].%....\.l..m.0..z@.We.'nu.....]...h.U.>..$.mQ..i...MI..Q.V.A.]/|>.t..\o.._..b....7.<...K....o.....r.f..ND_..Rq..Y.r(y...T...5Ls...qYfN...i.^a

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1025.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):258248
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.238231022120357
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:rGYnpwJ5WckrG4m4xyOfF3VForEml34/s2O8sM10dOR25VvxXLn+TOq3jK5zeDxB:1LiEsHUFU7+
                                                                                                                                                                                                                                                                                                                                                                                MD5:DD572166DEA5DDD56DD98212FBB61E9B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:245354E05432A1C9F21B356BC8F56156A0E75B56
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B45A2DD27D5BFEB98BFAA9628330CDB3BF8B81ABE27DAD1A376857B863E96B54
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1C2E40EF7D5C5D4C8D43EC42539345A8B45A6150E39D5EB5E5E20B888BFD3D814954321247B77C05EC2C048E9F88B3C32D0DD2218F025500E5911D237BB3776B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..h....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1026.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):307912
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.124114562846376
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:DGOPYLFo0y2mxyNRtOdjJTmUDph4au4B7XI:H6m4ASUDJ/7XI
                                                                                                                                                                                                                                                                                                                                                                                MD5:B88E9F66E8A58B33979731FB1C22FFFA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C4F6CF0C229A4A64C44CD281C70482031AFB1740
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:36B9E82A3A049A95115AA02E47D68C9F1C0060703E145B73098E187A9F5B5208
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:ABEAAB008BC09D17044202E78D0AF69B01876EDCAF52371260123388A1B6B37DC224B6BEC751DC6364BBB60EA164C9C49D6F23AB02925153DF9316EBA32A3980
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................M.....@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...T...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1027.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):309960
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.638516074889062
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:cGarruphzAmGC0MUmqvn9vQ2iYHzNb0SlLwRPM36qWFnZY2We72sCEsAwo4c7F:hbAK0MUmqVNb0SlsqW7j7F
                                                                                                                                                                                                                                                                                                                                                                                MD5:3D2FA55ABFADC8BDF737D8E5044FD8D0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7AD0F586BD537292FFC54080D3C55F237FFF3815
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4B623360FCE24ACD0EC8318A7FBE1904C9A8DA1D7EAD933B79962873670B4C80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:77A7647426D123AF796E4A44ED6CA3C250FBA471EDB8CF8193324A9B77500848468BF7A42AA78D113FE0ED274EB5F2D1440CE5008D60FDFF45FA9784E90D6725
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................ 2....@.......................................... ..................*...........................................................................................rdata..............................@..@.rsrc....... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..X]...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1028.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):121032
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.456279670980851
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:bkGH/J14AsGyGT9bdz4MY4JUjAaV0zEwjHhAEil7kHJ7z:QGH7hf4MY4JzdLHRg4p7z
                                                                                                                                                                                                                                                                                                                                                                                MD5:BCB60C0BCC807E3FDE1F85C3FA29EB26
                                                                                                                                                                                                                                                                                                                                                                                SHA1:36B02963EF03D19BA9E3257E289FB5B64E372999
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BB0349E941CD709EA1493B0C0D1C6A8CACE7254A942478EB3690C2EED99D1B80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:22F03E966DA2A1E23E4A8342AF9F07571327D04530CFC4767CDF947C3787CEE3D38E1A9448B85EF0AFD3979FD2B62B5ED3295CDEEE53A021E56CF3A9CF829B2E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.............................................................K....@.......................................... ..P................*...........................................................................................rdata..............................@..@.rsrc...P.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...z...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1029.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):273096
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9684463483684898
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:SGqTV8w+1kxQxrTjEuq2mv4l0V13hcIYq80BJ0wonymZq1Mb2gxQI4F7k:WCW13rYQ7k
                                                                                                                                                                                                                                                                                                                                                                                MD5:094D2E84D6727C326D1E9EB73202BF0F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CBD7A76391D17FE692CAEA604FE0DF0E79F2ED7E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4CB8E195F0C9D2A3BE0013F943B7C9659518C0942422846041F2EE0B917676D7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BA19A2931D2DC53073EE504357D39FF3A313B0EE3A3AE8F00D06340B9496868CE01E2319DC2B6511D61FC3CDDB5B60BB5E3FEFA7B50584855FD9266AB5571EC9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................... ............@.......................................... ..8................*...........................................................................................rdata..............................@..@.rsrc...8.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1030.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):269000
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6921075933901903
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:/G1/BUUPjdtlpsCPH02R/CCzuo8JqT1oSo4amSZtTFgCIMginJMaf4D7x:OJrlphwmupgzaO7x
                                                                                                                                                                                                                                                                                                                                                                                MD5:EDBA49A4741FE915AC014EBF36DAFA44
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A230C9536AC71B9729A9F22C5C149D41B35EA12C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:97C1FED3FCD62004CECFCEAE9CBD3378DE012A3C8578C7324E2E17A1FCA413EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:666B7D2E74AE01E2D3D1A3E9F4E8E454A0AF065090E681FBB91E37BDE353C89FA91ED91AFAD075E0E41987363E2CA3C1CA6CBD34FA1FFEDA4A25FB02C4C70C85
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.. ....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1031.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):304328
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6905828050178866
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:cGZSkJn9KvgjvyvvWTChegDQhK7JUfRtR+ga9hI7AlfbamVXuNdIEhpg8XVLZkwj:Jy/VqEFzda9vpXFPnuV74
                                                                                                                                                                                                                                                                                                                                                                                MD5:A990C225284513AC9623743B627EA74F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:556E8C38E1A600038FA3FF2B06E6752F3C81C404
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CA9EB9002CF87DE204E99C0E13AD02903E3F374604C72758F922753B5805D3B2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DC1A7DDB3FD3F0B1AC22C2D58CDBCC6FB7499B61ECBF732453B9A46996AC0B503A50898C000504E2EFB2BF695BB18BC770208A81CBA84A97D098AEDAFABA5D77
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....x.......................................................1....@.......................................... ...u...........z...*...........................................................................................rdata..............................@..@.rsrc....u... ...v..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...G...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1032.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):318664
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.292064194598955
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:IG8BkC3TgkU7Z9vMQZO3MnoWX6r85dWORIqY4adqLDBBlKKSUG8ioi9rvxVJzAk9:vvM2+6ayY7B
                                                                                                                                                                                                                                                                                                                                                                                MD5:2FB2A79F84A4E19B903D8FDF48FA1FC3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0D68AD823B394ACBC2E0C1A0F74A24246AF0F2C0
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4D7CD8F52E951A298F01049C4CEAB4013E6D010A692348641E18B92DA7F1772D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1DA5035F1FB71829DD07BF441B3892BAC5AD3A710F7FB5EB95DF1664E73B32DE59445D5F5DE42E11CEA89795B98A899851501C5CE57CA0176DB33722C9D520B6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..x~...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1034.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):303304
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.616693319198234
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:jyx+c99+JqLYRRDFPQivkhQHYhaWCGslwQ7S:Wdxo7S
                                                                                                                                                                                                                                                                                                                                                                                MD5:887BD13A2DE0EEEFE0D1096FFFF97861
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF117CBFFAD12BD30E3C162F2F5CEEBDC46D4E61
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3898B5EFBFD3321E668650CA9B0C87382C858E97B9665F5AF244FC11D3A67149
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7549AECD20C556FF973F21DD32CAB53100FBA33DAB8878F02492532973DBA2E444DC1DFC87DC4A96AE2BCAC3C91D48BC72E69FE648629F21BCB7C080CA43B3D1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....t.......................................................|....@.......................................... ...p...........v...*...........................................................................................rdata..............................@..@.rsrc....p... ...r..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...C...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1035.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.642505171783827
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:aGGm0iYKzLFQCBRLAEmW6WJM8LHxaMevPHZR/m2lki2/eqLyJ801IEaI88RTr+vE:lLFa8zx/2xWXBziBZp3w/sIYynYuPA7R
                                                                                                                                                                                                                                                                                                                                                                                MD5:59CB30843FAC4717B81F2AF566C40A93
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F378A49200AC579FD4205F7FF0EB8BDBE09C12DF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:504011484D50C680919B2AA52FB8BE8D9B606E8676A7C0898FF3C2226D0E6337
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C757A7A43B30A59BACE7F0117601E2B98FBFCD1CE16C2EA0EF4A3C894C466A8A2148B8AA4F4127FFFEFF7DD9DF0A79C5730EC674337D3E8816B7ABC82B53D518
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......B.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..H....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1036.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315080
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6406219866654
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:QG4R/HQG0lY0HlRuz9ldM5f66FhC7Y57+n5lgsPJ+OTanfRcr0y6gvTJxiy4K7n:UUuSpFPQr+OgA7n
                                                                                                                                                                                                                                                                                                                                                                                MD5:77435194209F380F19002CCBF8607F3A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CFA76B162C7D74A9DA4468C06279DFCD9544C3EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7EB1935C13DE7FF82B932B475F007E0E1A22F1A74CCE9E3DF9C4E6E7386A3D8D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9FF05800FBB5521808A3C995BAF0EF8CEDA83BDDA7825375D9E0F07916ADBF5DF0BCA0D028E677A7B4979E325B13BFBDD994EA3AE5F639A617401066A82F14C5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................1.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0r...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1037.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):85192
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.772617184680359
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:/IbG/Ev7fV/QDGLu7rXc+yF3hN2qx8xg7keV7I:ABQDGLu7rqF3hNL8xg4eV7I
                                                                                                                                                                                                                                                                                                                                                                                MD5:A5573AE700BE6F965B3505878A4300DB
                                                                                                                                                                                                                                                                                                                                                                                SHA1:46400878B4F8A78F1078CD0BF91FE53A239F49C8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4C80CE22D1C693CCB82E6F5D479EC84022F244DEFAAB2947A4B34E66E41FB435
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:773BB42D37F5B3AA4E0B73E98DEDFC49B272BBCC7D68FB42345EC9CB01250B257B98866DA5A5E3BE952DFC12FC3C2EF34C41A326C9795FEAE4606F6D1C34244F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..... ...............................................@............@.......................................... ..............."...*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..p....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1038.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):300744
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8229441365316514
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:5GQAkfjlc69HieVvyQfEJfAGaHaf8p2FjQzrDJK8+jewl8w0i85EK/FMJgMET+di:XAp9ZExqPKr4Cy7q
                                                                                                                                                                                                                                                                                                                                                                                MD5:FDA63DA0EB74E54E0BF2B145372EB159
                                                                                                                                                                                                                                                                                                                                                                                SHA1:476858901DBF90CE89946D45F4A58D0D5498131D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F6CDB9A4DD9F04DC9327514CA8F1869553BB0AF2EE0E28AF4C5F3779C8EB58B1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C592022AFFB9A225B467079D6072C454DDF43D527414F48B0EAE723B4929224789EF7144C262AD157BA2D08D8FAA4468C76E6672E525E2F2B6CAE5EEBFF08EE2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....j............................................................@.......................................... ..Xg...........l...*...........................................................................................rdata..............................@..@.rsrc...Xg... ...h..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...9...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1040.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):297672
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.606665652338658
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:qWqr2dkN5rbJEzkk7VbQgxdUSycevoHN11uBIAN22H/GQJ/WF3jn+lZ5a06IMjpG:qqeabx77e
                                                                                                                                                                                                                                                                                                                                                                                MD5:4E0665CB9F24EEDBD745D78659713CDA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A6C77BF14F13E223EC18A9E71DBD3292014F1F67
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BE5217EA2266BFE481BC868447AF33DC3684E721E8ACF9B800F652461654FE01
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8502069930C5D75CA89E24C301E728975CC77AFB50EAF4F9DB7190B097F56A0BC634908C18B88398C45EA4507F44CDADA102FACAF57B1CD4C89ED0FC0AFC711A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....^......................................................[.....@.......................................... ..XZ...........`...*...........................................................................................rdata..............................@..@.rsrc...XZ... ...\..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...,...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1041.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):161992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.592616141863175
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:TGMxi0oGAYGz/CJyeD/53QPPYE7QREk9kyASAmXS6f8okOqq0Q4WFIU1J+LdHgz2:TQ0ydI91Ka8okL1Cr7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:9235C7E1ACFBFCAB3DC6B6FCFC913CBA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:DE8E400EF3E35129544B383D4B7223EF2A3DEC0C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B9C80D8388BA82BA70BBA1EE8FBED1ABF6B3AF1F0C78ED5961F7F2597CF64ED8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:230E064A870DAC52A2FBF2479C99AE0E6F1F6A06F93108D914A0C3F6CD72C643DCEBC9A96197BE01D2F50E3433A1857ACB1AA49601E38EAA9C760E8CD73E3271
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....L...............................................p......[.....@.......................................... ..hI...........N...*...........................................................................................rdata..............................@..@.rsrc...hI... ...J..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1042.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):156872
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.841191801232354
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:iG/XHIrT8jQ3PPpY0yY9OdQ/XXOAkUxHf9tuxBrTTN3z8y437mv:jeT8ePPKY9fXOAkYujh3E78
                                                                                                                                                                                                                                                                                                                                                                                MD5:6E311EB204351CED20CA130502D715D3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3C88B93D17B77E23BEBEACB3B5EAFEE58BBD5899
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2F113765D82EFC97DE16D0AE119DE336766924B09299085B2343E30A53C90D2F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:625BD3F1A368D90BB472462D94777AF408D92713858908F7CE67F4E876A0B4B75C5F50EAC0721AAD611CC1AF1F1D7299CD0031B8F9B427021C083BFE9D7FA75B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....8...............................................`...........@.......................................... ..h4...........:...*...........................................................................................rdata..............................@..@.rsrc...h4... ...6..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1043.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):298696
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6290753361158727
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:4G+v0KKa02GVl71eOTnhSx+0hdPLWa/zwiJ07kVliIlJE5E6pFCASYxKxYMe7NnZ:AvKm9ScE7N
                                                                                                                                                                                                                                                                                                                                                                                MD5:AD02CCFD38CCC93540ECB59F0F25685A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:700A8DD8DA55F15B0097B596D23D474C45DB634E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E22323EA732A559E283A6987986DECD32F5C7E1656F25D3004758D1A794649FC
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B9598B6373128400D636F23BF3E629FF78DC91CEA00DB5C92B147EB80313D3A904D66F2D6D1067713A310A92160570F16C41091EE1AC0BFFD4CDDABA24F4F255
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....b.......................................................E....@.......................................... ...^...........d...*...........................................................................................rdata..............................@..@.rsrc....^... ...`..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..81...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1044.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):270024
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.67598554900099
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:LGgMYbueTfZOaRLl/TPWBPgfJ9yBIwSk5/apG24VPeEfBGtqeRBLK/v2PS1gAYeg:triYeKrx77F
                                                                                                                                                                                                                                                                                                                                                                                MD5:2552D31930D3CA59958BEAA44A2ADD56
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EBB665402E280B277F7AE3D5393D92029C439B50
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5EB4DFD1105B61AADC5B66DF130F95E3E9032EB68C39A28203020F861AC87370
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E308BFBAC7126C117173E4B327CBBFAE89D0BF1A7995C4B0264F54DE370534E8BEAE95EA393084F9BAC57D74F6FA201D13934E571E9AD15A9E735F86B3DCDF43
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ..x................*...........................................................................................rdata..............................@..@.rsrc...x.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1045.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):304840
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8791402463294142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:+Gi9PgRHXQCny048tEy2aJfuoedLuQKqo4z7W3:aBg79qy3JIT7W3
                                                                                                                                                                                                                                                                                                                                                                                MD5:16D4A92B55F53FD7A5F9953B3DF55F15
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9F0CA323C47CA1917A99C4914FF90F56674A21D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:39FDA418D546758249EDA96A66265D31DF72D0387FD4C16051F21E819699DA62
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29E20666F4D27D05B643E247AFBD8C6F281C50BDF71F374CFD182863D3DB2995CF2EE2F9145F51E7A4FA6695DF1DD543C6A6FCAFD7D6F9863B54FC3025238038
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....z.......................................................3....@.......................................... ...w...........|...*...........................................................................................rdata..............................@..@.rsrc....w... ...x..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...I...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1046.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):294088
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6581742426517487
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8G8+B0rEcMnC2Ewumjv8ggFBLfk2hxvosC4bXm3hoO/miMBvLnY5yGkUSUIx6/2P:2YcPBvLnYIL/s7nK
                                                                                                                                                                                                                                                                                                                                                                                MD5:2A31AED597036F34519A32E81E424A22
                                                                                                                                                                                                                                                                                                                                                                                SHA1:10BCDF9EA54360760AF00BA07800BE6FFA2647F2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EE139C01547DD390B6016B48E30BEA772C6F1ACABE7DE34D9429657FBFD830BF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8D780305D63B785F11655C341DEDF4DD8E5E388D6FF68FDE0215B149A7B6D968014D2F297A330F0260C528700213552BBDCA47CBCF1589437CD7EC0209F1C8C0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......|[....@.......................................... ...L...........R...*...........................................................................................rdata..............................@..@.rsrc....L... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1048.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315592
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.765969358188466
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:kBL70sRPwy8RsSNskqf0xZWg5/K4ONYm8DjbOfgstZqTG7y:SRPwM+VsQG7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:822AE42D4B4C95C84BEB528DB1D4FD96
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E9F4DAE73E40EBF80F76E3F7E96507385C69950C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A8C5A50E21E5AD58602EA4716A244D9F445F6C297A3F6D3A9429D9C53108D9E5
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1D01061C47042850594C2F571CD6BE8CE0E8AD3A2DD0BAF50393CDC9426559282DD213BF25E14A47FCD5B4D9CEB2FE65121A2146587DB6637D76CED8B607DF51
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.................................................................@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...r...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1049.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):282824
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.252810215644981
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:9kGXcb3G+prKUkq5zbZSBTjZGZjWav2HH7km7y:eGXQ3GkrKUkq1ZITdGRWav2HH4m7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:C118A00E4BE13B503630B30E85262D7B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:67494CF59399F785AF70E956FB75950C84F41E4B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4CB8995E10E24E135BC68E806D64ECEE677E8C2196DAE18CDA92E10928A3526E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4E765BAC889E4B086F187D6319E17B8C7D1406CBEED89D67A5965DEF9A806CEB8BB8F510EE9FFA82727A043E558EA75E7188A237D95B38726007C977C25C8ABC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....$...............................................P............@.......................................... ..h ...........&...*...........................................................................................rdata..............................@..@.rsrc...h ... ..."..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1050.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):294088
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.749705519684699
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:nG6wUkEouTt8mmwkuvBi/NfmlDPhzCpadAFM/jg3lALwY4x75:pwUA6lmWC9L75
                                                                                                                                                                                                                                                                                                                                                                                MD5:C2C35AFD2682650D542F932D3E4076C4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7BDC77F978AC6A7FB267C894C05FC73338EB29C8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6E09B523C5BFF6FBD3861ACA0591E4893D99D3A6E6C6CA5DE97F9E3811697C57
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A7B7C49CABA606368A7BAAD01433D3FFFC8607B5B28160261DB82E74ED9449D81264EF1374F6D0ECA867233AEC761EA092DE99146F3C356C56CE56C99B8DE20F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p...........@.......................................... ...L...........R...*...........................................................................................rdata..............................@..@.rsrc....L... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1051.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):279752
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.92700074358136
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:xGf9r1z5E4O4XFtr2LWX0sZp3AB7np521GRUgryv9DE1BfstLswf82trxqt2h7P2:q13I6GDS57w
                                                                                                                                                                                                                                                                                                                                                                                MD5:1F70B50542027F17F49C02B28278376B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:90796B6546DC34C011716D041EE1D5CD8E988CC5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:96C23614B25F996C6CC6C5DC01C1B25EA7B88B635EB4ADA0D0075362336E2310
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A81D689366C45F20C710BA309BB3A3B658C90BFA810EA695BFC964C4C8021FA7EDEE11512C73F49AFA674D7A83D6B852B4BD0500D9C8DB6F24068DA2B72F857A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......T.....@.......................................... ..@................*...........................................................................................rdata..............................@..@.rsrc...@.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1052.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):99528
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.182280883517871
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:1vnphI3J0F33dUUFwSdCG8CTzExQmGeapZZ+SQDegeO2NcRxvXWx3Fzkb/5dqbQe:dn6qRuv+PTg0Pg9evRKrmFqYbXw7kp7l
                                                                                                                                                                                                                                                                                                                                                                                MD5:588534691D69C89C40667FA7629BF8D8
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D819FAF2F647E8609FE07087EDAC2972A86A43ED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:60949121F9FF0F32A05FC0F4C13BE21C5E7F34EB3EA13DC67AA81E2C2544321A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7A33DD46569E9924FB4D4A11679612E46E89038727CF2E6E086D116335470D8A11F42CCC3F852D4C8F86FB8AB6FCD210A6182B3D6518322FABB31AEE695F32BF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....X......................................................$.....@.......................................... ..hT...........Z...*...........................................................................................rdata..............................@..@.rsrc...hT... ...V..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...;...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1053.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):275656
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6950013545179026
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:RGdN/ruqQv0GWYIuzj9CUtw4GdXPO2iaNpQ2S/nsuZs9+UTBc/EEEqJ5OS0qZNXJ:75vrHiiYQLZTQU865F7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:011105CC7ACE5414B2246FCFCDE0DB35
                                                                                                                                                                                                                                                                                                                                                                                SHA1:619A353D40474C47DE44A01EC86AED754535A072
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1FB9E920082E09727D249A4A828ED3D502ABF98CDA1B263EABFD7D44B6BDE80B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A4ECC409940B00BDFA1393780EE2037F959D9820DA63A8BC83ABB308C8A7D77BD5750D207444F5689B60067526094C9F4DFFF5FB14EC024CCD937E87820C7F90
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................0.......S....@.......................................... ..(................*...........................................................................................rdata..............................@..@.rsrc...(.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1054.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):263368
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.407292085255587
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:XGsGZVlvS/+Mg9z7d+iBeMSYHC4q9n3weW5x7sOCM4+0R3mBnBxuuNWE4x7C:FFb17C
                                                                                                                                                                                                                                                                                                                                                                                MD5:C0D27203BBAF182E7EC16C03CC18E603
                                                                                                                                                                                                                                                                                                                                                                                SHA1:74A36B7C13A593874D9438ED86B291B37A124264
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A82DA0EE778CA831D5C0EEDBC63E2F4D3A2B8368B4D06BD9C7103B29A4423FA7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D023473302C3C405886120ADE7182F4590E5FCDE717E721F49986F786FAFEBE8F7701AB712361A5B43BA5A2AFEEA8092B5EDA940929CAA23DDAA88F2D579DF96
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1055.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):295624
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.8677159534973438
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:LLyXxJRrlN6ryL4cfG4cPDYU21gPHapU7q9:LIu2Oh7O
                                                                                                                                                                                                                                                                                                                                                                                MD5:E21083F3DB6D2D26790725067C501DE3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:95D681689D14B95741D000671C3406FF2F79EF16
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3AABAEA883CD18D024B3A46E8969434388D7ABAAC051CBFA7BF40C3C784EC973
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4C93942B6BE9B1ED57733D0C35A3FCBF4F6CC9D5412CB7A8F445BF73B829A8ED9BEB7B0EABB289BAD27D4827C3F9C9B7ED2712D7C8ED6C06884A995E880FE288
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....V.......................................................S....@.......................................... ..@R...........X...*...........................................................................................rdata..............................@..@.rsrc...@R... ...T..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M...$...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1056.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):281800
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.179781921357504
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:ykGkKZhqDAmMj5RKgkLth+GroS0m7kq47z:DGR4Mlj5Rw8m4L7z
                                                                                                                                                                                                                                                                                                                                                                                MD5:057DEC0C5D7D99558EF6D1BB2FFD0A0F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:ECBB53CA7DBA361169FB496EE150D23784A9DEA9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:06E93508F1106DF3C09A8C9D721B159F46C83B0D7C7F7B96138C767183CE6713
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A1FC1B3F99220B18835F64234AB24F349AF699A5B3AD8652400B1EC20C57292F8EAF988D25240439EF4FC190A3AE0E126E3D536CAA7E53D725C320267D2A98DB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..... ...............................................@......=;....@.......................................... ..x............"...*...........................................................................................rdata..............................@..@.rsrc...x.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1057.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):284360
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.6380420427259863
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:+GsuYsbkLRyB37XqlkJq5WicwPALrbC/hDiyxbDsalR97gAnKAB47i7o:VB3Tqe1r+/h+q5bqi7o
                                                                                                                                                                                                                                                                                                                                                                                MD5:4DC234DD0DD7530014046C31908D58D5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EA7BCF3DFFFACCE8B30819B68A8EFB1DD7E97B2C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8D1EBC4308C980A30333777DDB15AC5C097BA5D0524DEA720EDBA0985446A146
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CEBD76A741154CD027887CD5BF54BF8BC3BBAEA4E0CA1708C623C5C627C764C3727005CCD23A72852F30E33CD125F52A6A6314CFDFAC7B947F1E33D89595978B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....*...............................................P............@.......................................... ..h'...........,...*...........................................................................................rdata..............................@..@.rsrc...h'... ...(..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1058.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):286920
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.276685823411697
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:7kGawwhopP2Zxej/14KD6+IhMEDdQP2YBMlwOd7kd74:wGpwm2ZxphhTDdR0UwO4d74
                                                                                                                                                                                                                                                                                                                                                                                MD5:9B2ED8BC27B59AAFFAA57DDBD71229BF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:22D63A2BA10D7EEC34804DC9B0BAEBBE9C2E5AED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:31191896CB12F4C9807F62AC0C824EA95E4F3F9AA9C98DB715B55BD6C35F4768
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7A603E639F04B772DC1E45425013611058FF27E2BB14A5FB69A031C9A48865B64CCBB6B34AA899CBD40C86CC0A34FF2E6FCB14193B52CD6F02D5AE277C82ACCD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....4...............................................`......9k....@.......................................... ..X0...........6...*...........................................................................................rdata..............................@..@.rsrc...X0... ...2..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1059.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.279429859585035
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:akG4cqKwOzGdrZb9Yz7cV3mjN+EGtmoQY77kN74j:7G43KEV9YXSOatp74N74j
                                                                                                                                                                                                                                                                                                                                                                                MD5:59FCE9340202E0DE066EDFE7DD5B0698
                                                                                                                                                                                                                                                                                                                                                                                SHA1:56EA37AA2E154D4FC1FDF643D74718F6EBF33740
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AF2A8FFCC06FF11C9147EB70CDCC2D60FA72769099596088D1D1DEDFFE1269A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:00A553DAD210874DEB43DEB7D774D9C4630D8640901A016B2A850D84836EC479FA2AE74066B544BF7BE5D5BBF01E38799CA7C59076CDCD7AFDF3BA01F9D2445E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@............@.......................................... ..H................*...........................................................................................rdata..............................@..@.rsrc...H.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1060.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):298184
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.733417848104649
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:/Gd86yNfB+pb7tT0yRVLX90eNfVyYoD1sFN1pmg4r+JkEKvperPV/4JmZIdiZbCC:XuJo7Kz
                                                                                                                                                                                                                                                                                                                                                                                MD5:C845F51D0A9626E8B92315D9DD057D3C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:08ADFFC035A6E3C3D289F446365AB114125548D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FBB2C7A159F3489CF2F28D112348B83D906475F15087F8DBF72D67DA3D0A87E4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:FD3327A9420AFCBF8CEE46EAC8702610336C33E65BDF04363563A1734E0C7F8186E3769EE7E8ABE1930224A8FD4C27E19F6A834D697F0A5177F774C15BD9DDA4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....`............................................................@.......................................... ...]...........b...*...........................................................................................rdata..............................@..@.rsrc....]... ...^..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..P0...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1061.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):270536
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.679348845841885
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:x56PYBjrXQL4Kfmdlh7+3KJcmO4ALJ+8KQ9ah7f:MmTh7f
                                                                                                                                                                                                                                                                                                                                                                                MD5:DD4E8027B6F9830D5B1369C15000E5EC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7930AAD919153A2E8BED5F8C571F582BAA8460A2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DA47254F852868F0AE31EFE878A9B9DBF451444CD758D3EC0E81CEF545A44B33
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:FBF702E8F5D8A843FA362F773629363A1CA8862A329D0DA99D680EB3BF280DECBE35113DBD18CEE42A4B950A7E4FC37E077E55B74B7D9082882A467B4CCF8531
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................... ............@.......................................... ..X................*...........................................................................................rdata..............................@..@.rsrc...X.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1062.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):279240
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.880165533544387
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:AceKjdwhrF1ddAG92XHeoagB3hDhFr/JR7c:SjY7c
                                                                                                                                                                                                                                                                                                                                                                                MD5:A6B75435060AE801A46F8E2F130F1191
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C8A395680949E4E35CEE156412F9456E44561818
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B1650F1B5EB5AB1A80BB609044250A29453CF95C282EA32E0E8D7DD5B9B346F3
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F0361D02B732BE37F27C169E8856E0DAE4E28974E17F97406C033AB0757CCD6BCA47EECD45439FE1905F713A2CD364CA43593F38ED6E1FAE43622B9DB4F3081E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@......=.....@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1063.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):286408
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.839543792827281
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:0G6lFxILT3wHKd4OZkhEXSKybX4AwlCTWgVEhm5f6UsAJ2QE0PGZytVEaLpglnf+:TIKUeys7y
                                                                                                                                                                                                                                                                                                                                                                                MD5:A6C320C6644C530D057C182EFA143714
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7D0B1A2A567885EF05FC2C80F422E96D54F72671
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:45E53B489FE1B7052C585965AD8EBF9584B7FCDA409FE2E37FDE1B934CEC2B28
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0EB113F299015C55EEF03FE3B1E645B8BD51F8143E74B774F27ECCDCE7D41881A4D0A4C24EF812DB86FD6A1C7AA757BCC1925BD71E5392F2EEE92ED5E672DE7C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....2...............................................P............@.......................................... ...............4...*...........................................................................................rdata..............................@..@.rsrc........ ...0..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1065.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280776
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.1301218437996665
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:76wg6afnELw1MO9sQKjY97MH5kV9IPWB7t:mwg6aMXe7t
                                                                                                                                                                                                                                                                                                                                                                                MD5:78593B8E827E39E366B2714559016AAF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B8DC51866AC0304039A946EC247DD3B4B3FA36B2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8FB2CA3D81550FE30C70043F643F3B71117D5FB6AC75440BDAEA4A4E402F15EB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F135D93F52705014EBF23E6FD5B1E26759295F940EFE95A2E2949C6615BE3650C45E813B5B8A08A65FD9D8057DE9B9CD4A90EC90E8978CC04F2B6B5BC1AB491F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....................................................@............@.......................................... ..X................*...........................................................................................rdata..............................@..@.rsrc...X.... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1066.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):291016
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.223488066061963
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:EGSHQbxOJJveSX8b1oHhEoMM08OAy8TIvZZVHZPNXd4J7o:dxOuSZ08U8OZr/Xg7o
                                                                                                                                                                                                                                                                                                                                                                                MD5:5433FD8AC15F978DC9B3F7284C19A652
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7B1618C8A524B36504E73547D5C0534D9A6B6806
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:F939020BEB16F25FA7DB1D383D2866F18E073DB90A168F9B9ED649B189E5933B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:65AE3A8C2D4441A041CA9D6BE6C5B4BB78F8912B4FAB7FB6EC2DA50196AE0A45D88CA7B6C38F4F662F19D7CE68AD3353C87284A534AD6E4FB9F6F2E086757B16
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....D...............................................p............@.......................................... ...A...........F...*...........................................................................................rdata..............................@..@.rsrc....A... ...B..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..X....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1067.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.756526348282078
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:aVRKRwjihIlKVSYMOv2RLT7KooahF6LAIUjmuJ2DispH1aNv73gsmfAsZATeg9e1:EQyXThwi0Yeg9evQ1rmFqYr487L
                                                                                                                                                                                                                                                                                                                                                                                MD5:204AB6394625E02384C984DB75287EF0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4E00F24E3827EDFFFC6C1E7724BE055849887092
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BBC9930B6D6DB1087F0E2841C86C4200CCAA3FBE746846A03AA72A8815020BDD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29D4F4E6F6C3BE065330C6AC9576DC1FD0E2DDC221EC46466E191559CBE5FAB62B5EA2263469E8E5E74533812A8D11A6F5FA412075EF957B4762DA1388964291
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....R...............................................p......".....@.......................................... ...O...........T...*...........................................................................................rdata..............................@..@.rsrc....O... ...P..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...6...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1068.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97480
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.31307750666615
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:P8OWtBFOFKSvrNse08AsdUMJ8vlKnMTg0Pg9evRKrmFqYWXp7ksN78:UJBYxselfGvlKn4xPg9evRKrmFqY64eI
                                                                                                                                                                                                                                                                                                                                                                                MD5:1E06AA2D57B1DF5A43EBBDB590F25013
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EB10AE281BC9C17A5A6EE794FAB21BD1E358F663
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1630966EA5FD3ECC0E4668ACCF73430C2229DF84D07A5DE92F5CA17F217A464A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DECF3342AB4676FF0F8C49DD84747B1F21565EF29F1A94356438A705CEB108BCF33DB0B60C77C12150CE94961B8316CA5A2EAF823DB5A8AFBEBE973150400097
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......-.....@.......................................... ...M...........R...*...........................................................................................rdata..............................@..@.rsrc....M... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..P4...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1071.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):106696
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.697423003115933
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:OIfvxxMq132FYhTaWH1zgdevRKrmFqYh4o7m:w3WHc1g7m
                                                                                                                                                                                                                                                                                                                                                                                MD5:1701E299B661EC3859BE80EA47DD13EA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E356182BDC9428461EC955226BD3F6C25FE5C8E5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9638C29B1AC1E4C199A7792B6A764DD0BF1BC38F0143ACB17A001632061CB165
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C8B97004ABCB28EC8FB6D6FB19A7580AC33CAD88F41F938143F957C31F5214412A54DA9CBE6180DBE3BE754B9A9B59935EA740C04D087AC7115A38A85225A1CA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....t......................................................j.....@.......................................... ...p...........v...*...........................................................................................rdata..............................@..@.rsrc....p... ...r..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...W...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1079.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):99016
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.823853954295383
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:VMim7E6UZ2gL/VgFvSDKBMTg0Pg9evRKrmFqYWXz7k47a:4UZ2gLdIvSW4xPg9evRKrmFqYI447a
                                                                                                                                                                                                                                                                                                                                                                                MD5:833955553AF99CDB7272A3A7E7A68839
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A9815DAD32FCD15D6DE615F150B90774253A5B4F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D70D718F9E98564B1197589B21A450F7534E486E94F913FDB46EF81F11F32C4D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C128CF69E84E79B25003B85199024A2B405747766BE259F67C6DDF97FE5084014FD63F69EA88E1093FE18B6074A1DEC026F57BEC135CC86EC81FD914DB66DEAA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....V.......................................................%....@.......................................... ..(S...........X...*...........................................................................................rdata..............................@..@.rsrc...(S... ...T..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...9...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1081.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):283336
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.291637032376391
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:BGxYNQ0qtd0dvEGLYxmdFZhBhThkbX+IZPKc/Rdr1trcMKeBzAWTJ3z+bhAqanV7:Z0vkswqtk6taMtI9k79
                                                                                                                                                                                                                                                                                                                                                                                MD5:5AD440DCF86A6652C557071F1F74E30A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:1ACCBE09A474A4684A69FA6CBF90C008CF8B7A74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7334E105FA9B194C708F833EBEF0283FE5846B8883B3BAFF0FCA6B2881EBB5AF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:77F7914448D129CBFA1253E41388B4DBED92843965E928FCA09C71481197DC4714AB167C796336B5BF7C84AB29C4C3AE8EC0D46EDE87A43DFFE7F5E88CE9E511
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....&...............................................P......j.....@.......................................... ...#...........(...*...........................................................................................rdata..............................@..@.rsrc....#... ...$..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..8....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1086.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):295112
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.590360341142837
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:oGFPT5+FhMLQfug+iPPyq2UnAFbHr4C7h:Jwk7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:C9626918325B2C3DB0C1B2FC56E0B00A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:A659EAC1AAC7B35C4946BEA0EA3E72043CBCFA08
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2C84BAAAF781B79F329BF0AAB83E73DC65B7BE525EA521D9E25DF30DFD096B88
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C25C1AE1CA19A757C0366622077CADBA625C398A49B1B2C9966EE076B6BBF96F19BEE370D904DE8B764D3F70AC003E310267049A0ACFF18E87BBA0CF1FC6DF19
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....T......................................................=]....@.......................................... ...P...........V...*...........................................................................................rdata..............................@..@.rsrc....P... ...R..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0#...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1087.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):95944
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.743089479214002
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:U8xbxAJ6vrN4mB/jx+dnwSp69vhdFUxtg0Pg9evRKrmFqYJ7kP37A:rcqJIwlvhv4xPg9evRKrmFqYJ4/7A
                                                                                                                                                                                                                                                                                                                                                                                MD5:3A89F6B29E51393D9777CC3306872C07
                                                                                                                                                                                                                                                                                                                                                                                SHA1:ED814B88B064C472D8275751A639D87631C27E67
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AFEB320FA98E092004D4794EB2252907C20B05F2D9258045D567A6142DF8CCA8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B8823E4501E7B7CFF2A5ACF289664D04AB1D52E7A70F251C2F6B2035F2D4BCFBF50B282BC85E5A62C4B56FAD9E7DFDAECD2A2FA73A7C9BC9ED4669C90281CBDD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....J...............................................p....../.....@.......................................... ...F...........L...*...........................................................................................rdata..............................@..@.rsrc....F... ...H..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..P-...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1090.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):107720
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.234824492688907
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:wUxZ5eiAoalbBP+98CddkERRc5ijjsfaWIG0LwB0spaS26NDdNdmVesHAn4qoqIU:QVv79
                                                                                                                                                                                                                                                                                                                                                                                MD5:168A72FBC8600C705496C5FFB41FF7B5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:66FE81CDB4782D71502BAC2983132C80327393AD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:70AA186986BFF2ECC3D1B260DDA5A9705BD01FBF055B02D23D5F09D02B7FFBA6
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0798E5E2729674A2DFFEA72497D1B955A53C514A1948EC606D348DA2EB8E2EF7817011051E32DB91A472F8DAA5E6CB54F7E8A671CB271F48A383B0A2AA7ADB75
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....x......................................................WP....@.......................................... ...u...........z...*...........................................................................................rdata..............................@..@.rsrc....u... ...v..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...[...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1092.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):95432
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.854905298855171
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:v2E8pozpgNaKTnEcNS7vO0MTg0Pg9evRKrmFqY+C7kL7W:5826aKTEcNS7vv4xPg9evRKrmFqY14LK
                                                                                                                                                                                                                                                                                                                                                                                MD5:D6AE3D226DEBCF5744910AFD6737A66E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:DA296778DCC30F69D768020E947B7DA153FD59D6
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:800DB8A4A25184380664D060195DD9CCA20CF5F106ECA6F3901F48C9BE4A5E13
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:9AFC76758408BD45BC30CB3727776D43862FB95F8B46C1D79E3448FE7A37010C1DDE77DB0B8ADAE7A64CFC13E2670B25F6258B61AF6D1FD30FE65874D2EE3787
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....H...............................................p......J.....@.......................................... ..(E...........J...*...........................................................................................rdata..............................@..@.rsrc...(E... ...F..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...+...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1093.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):287432
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.347992008265004
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:6GX+67kbZODyYhn1i5N2DA46Erzs+P3C+xIasNu4CyZtlZit4D7q:VkbZODzhnFDAUzs0Iaeu4CyZtl0G7q
                                                                                                                                                                                                                                                                                                                                                                                MD5:792D8E86AD4EE7035E9AFEC845E3A1FA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FF6DC8EEB1AC93EA88261DB0FA80FD9B68F939C3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7E4ABEABA9CF6864B8A9F1DA70911FD315932A4B75E7E375209AAD3A2228E264
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:036EA3E36B48B7D0104B4E18B04A118E844E99B28D52F8DA17D597E35148DDE3F168E2211FE0A1671D204556D38E13F25B716C2AD6C0EBC9AA43BEB1BE61C832
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....6...............................................`.......D....@.......................................... ...2...........8...*...........................................................................................rdata..............................@..@.rsrc....2... ...4..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..H....rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1102.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):100040
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.7386358081687945
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:oQ+vvrNhPw/3mdwJ3vJbMTg0Pg9evRKrmFqYWXN7kj7I1:uRh4/cGvZ4xPg9evRKrmFqYS4j7I1
                                                                                                                                                                                                                                                                                                                                                                                MD5:799DB3231A95F4F1D5C15C345F720918
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6C6A33011C86D17F3FB7EDD6E838DD207F9BB2DE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:3D47190FA42BDE4D0DA89F08BD4E21B3D75E1093FFCB8BA87A40C3BC57DA622C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4001D116FE3F0F7A59CCA93926DF1D91A309E9649E69FEF655E2412C983D1E2845B5E9E4EDB7854FADE747920ECC611208CAF1A2499F5D8227438CF03487C979
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....Z............................................................@.......................................... ...V...........\...*...........................................................................................rdata..............................@..@.rsrc....V... ...X..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..`=...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1104.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97992
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.765733387635813
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:46WKkcKSdmT/ya7LLuPaCdx4vOw38M1g0Pg9evRKrmFqYWXN7kl7g:9WnSAHaH8vAexPg9evRKrmFqYK4l7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:4B57FD2855552DFB6E2BA35B4806964F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF726DADC65CD83295C641F7B8101D90187DE028
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C88B71ACE5B8CF244B0FB2AFC1A4C17329F4716F752DA544602194321C0CE847
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:09C3533CD487FB00B5567DFFBD6F4EF0321178F59EC6B10E31EDB360FEA07A73C195CB1DCE73BC76328CED846D7819BFFCA2FB6BA798A9053FECDEAD81D0382B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....R...............................................p.......y....@.......................................... ..PN...........T...*...........................................................................................rdata..............................@..@.rsrc...PN... ...P..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...5...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1109.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):102600
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.700887499561242
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:QNsWvrNxLllQdwx9veMTg0Pg9evRKrmFqYWXG7k07PA:usI960ve4xPg9evRKrmFqY1407o
                                                                                                                                                                                                                                                                                                                                                                                MD5:1842F5FE46DE45C677878BAA12CCD45C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:976AD2B15BB32AE4DA34A08D2FA19820A233719F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1FA911B7601D99D5D466BF00509BC74F1E401DC9B28934E3FE192AFB393C3C74
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5B2B3DA715FBB061FCAA52B472A45AB4E9D405A6227E05C2E7F2C28C26C68B1A31F62E5CACF1C428C1B9B8DEA511FA08BAD2472D7C19F6D10F28D5D43C34D970
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....d......................................................~.....@.......................................... ...a...........f...*...........................................................................................rdata..............................@..@.rsrc....a... ...b..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...H...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1110.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):97480
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.162478152700381
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:RtVvrN/KQEDdwd9vJ2q0EZqMTg0Pg9evRKrmFqYWX37k3N7s:DL/hE5IvCR4xPg9evRKrmFqYw43N7s
                                                                                                                                                                                                                                                                                                                                                                                MD5:7BD0AA9E08F398349EFC8A66ADAC5869
                                                                                                                                                                                                                                                                                                                                                                                SHA1:243346D6B341D6F564E0733F3335E608DE7A68CA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E012626D39759321D5DD8F7B0997A6870C99629528B2B8C3AEE6CA2BDDCE31A4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:44E10B4F107EBFE2048EB84CDA39B8542FDD3F77FD9FD6BD2F82117F73C16F7F5A224E64189E2FA35FE9D46E3B6018ED7AF6260EF8E247E9342FD4E6D59F58A5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....P...............................................p......K>....@.......................................... ...M...........R...*...........................................................................................rdata..............................@..@.rsrc....M... ...N..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9..84...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-1155.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):114376
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.0655027898870735
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8pg4lMseFlQWOc7tEsGGg7gsaVgdevRKrmFqYlyO40e7h:WVx1FX7h
                                                                                                                                                                                                                                                                                                                                                                                MD5:D2C32E53C740279122EE34DE2C4DE7CF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B6B9D7FB326776D0C4AA83CBD5287ADD6164379E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:52086F126E9ECA470413BCA863464BFB28D1F9BDB9E86269F58210DC5969BF3A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:306CC3D91EFA792C165BDDF1E3C7378D023B2538079268536E253B7768B5DBF228929D13EDA9D409285B2FEC20490A4D38C40BB70F7FA6DBA7F0463B24D3F541
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'............................................................[9....@.......................................... ..................*...........................................................................................rdata..............................@..@.rsrc....... ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...v...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2052.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):117448
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):6.4084588760923475
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:ZGxyn9Exb6Y08VEFxBEsZiDF161Fb3KNTbFhYVYm0MBLs6AJ4s7j:qnCEsZiDF161Fb3KNTbFhYVYm0MBL/SX
                                                                                                                                                                                                                                                                                                                                                                                MD5:52BD1C6DE943B753795A06DB13E7C8CB
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D303A7BC2FED1BF35449C69E6392FFEC2002E4E1
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2B4CF965E5AFDABBEA9C5575DEC4816F1B27B58F5BB4BCA796F81AF689FC0B0C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E6B8D4DABC65DDE53BDEE514EA7BAB9ECD6ED95D92676C9FFE26990EE22E5556CE61BA7794195DD5D6A8EAC711C5A08011E5E0591D5F821C849C9E6FAFE9123B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'..................................................................@.......................................... ...................*...........................................................................................rdata..............................@..@.rsrc........ ......................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.. m...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2070.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):297672
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.644621709868437
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:QGqtz94a2dDACKivroL6+U4/5exMXvsE+DgDCCyie9uS44RdX417T:c52Pc7t77T
                                                                                                                                                                                                                                                                                                                                                                                MD5:A5FC5AB88EA3579FF632B89F303E78B5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9540D7D11DA74325FB3BA047271BAD865552188C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2B8C07D6171B2CA970AA17E1586FF32DE637A411C09B0A2214B8F0462B441F1D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8029AE48C6286B323877B7C947E84351481A287F780F2192AEAE725FCAF9B1C31B186000946E90754933C9F3BEECC12BE4358788BEAEC2AF1FCD39BB8EBF4782
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....^.......................................................k....@.......................................... ...Z...........`...*...........................................................................................rdata..............................@..@.rsrc....Z... ...\..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M..0-...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-2074.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):292552
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.7502607734239897
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:pGEuN5SiRYJ5ynmF05tB8HxPNQImSNi44uN7RB:hBiaQYr7RB
                                                                                                                                                                                                                                                                                                                                                                                MD5:10F3E61D76AAACD07E95C0F14095E41C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0128EF966DD58B059868A4514A06DC12F2984545
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:09B7DB43A439D114F4C27BC538DB1A007FC3F21353C54AB340F29209D8D36B13
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2A1E4E301C3B7F6E7F5AFCE2567E50FFBEC9CF3DC16FE39723536FE670BB663F3747D61FF7FD177EC1D05ACF281815AF9FD245AE97BB40205BA607FDDF6BA014
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....J...............................................p......+)....@.......................................... ...G...........L...*...........................................................................................rdata..............................@..@.rsrc....G... ...H..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ...-...rsrc$01.....M.......rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-3098.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):100040
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.714461113598932
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:2aTftzNluN4jjDovp+MTg0Pg9evRKrmFqYWXw7kAZ7S:5rlISjDovp+4xPg9evRKrmFqYT4AZ7S
                                                                                                                                                                                                                                                                                                                                                                                MD5:CB6046F09230FE049A5A295CCDBB66AD
                                                                                                                                                                                                                                                                                                                                                                                SHA1:6C9A322E08178B049821FA5E17A9ECB33BE556CA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EEA308D45A952C3511599E82FEE224F8D2026A24B3953DFBF1A6BC2EE44E026C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5A1AA4D500C1ECCE59B2D248AF48A80F886739BE755F895F4DC3C9F484296BDDF08D1D10F4DA095769541EFB86C6698EA624DAC0934E9FD55714601E0177E00C
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....Z...........................................................@.......................................... ...V...........\...*...........................................................................................rdata..............................@..@.rsrc....V... ...X..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...<...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-5146.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):103112
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.183976054926988
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:VWTdQdr3+167bBBAOe6wCBjviagdevRKrmFqYUTS7kd7es:cBB6HvAOQCJRgdevRKrmFqYaS4d71
                                                                                                                                                                                                                                                                                                                                                                                MD5:86B30F157D28953E806E25725FA6B861
                                                                                                                                                                                                                                                                                                                                                                                SHA1:D9AD0F6E197756625171C8E4FE25EFF4B91C2BFE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D6960574BF9DC1DF2C53676CB54E94B7F82504B1973C0CCFEDBE43C1DAC967AE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34F468B197EA950C925398011542FEA88456B5EC3FF6E74A96C0563A59B2301A0A448C2898C887A74BE55A97D895178A709FB8D356322B45519B3CCC2930518D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....f......................................................w.....@.......................................... ...b...........h...*...........................................................................................rdata..............................@..@.rsrc....b... ...d..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...I...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Local\Temp\nsw3338.tmp\ui\res\lang-9999.dll

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):101576
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.7387857703328455
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:oHIbKpE+8vrNGbxN8nIvfS+kMTg0Pg9evRKrmFqYWXd7kr7i7:b6SIvbk4xPg9evRKrmFqYK4r7g
                                                                                                                                                                                                                                                                                                                                                                                MD5:7EFFD62972D895CE579A02DF7B442082
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5DA99B397486329977ADC54634B3FFBF6DAC20C7
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:17CCB46D2ABF20391A60D090C336ED13349554D40B407BA6C0813C221991F05E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F589FC3584BA678EFE15BC7E476DF9E6193B5A59E317B3282B531407CDA165EBB949BE9BC7329A30F8EEB3DF15076EB0329A908A7BCB8333B1099F6CFF90A392
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........^...?...?...?....~..?...?...?.......?..Rich.?..........PE..L.....+g...........!...'.....`............................................................@.......................................... ...\...........b...*...........................................................................................rdata..............................@..@.rsrc....\... ...^..................@..@......+g........l...4...4........................................rdata...........rdata$voltmd...4...l....rdata$zzzdbg.... ..P....rsrc$01....P9...C...rsrc$02............................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\Q14I0EU6GPWYBDIEE0GM.temp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6907
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.1400431371009834
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:yfdkYsmRPd2lpqjfdkYsmRFxd2gC3fdkYsmRf0d21xpfdkYsmR5d2a1:LqyTqWCq2ql
                                                                                                                                                                                                                                                                                                                                                                                MD5:CA104DF8C4EBC44BF5420EBE4C535728
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B37E25134B331EF4E1F8E43EEF5777B0C4258D28
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C91133DDF3AA6707ED5128969953A2F7E32A4792F5FAF345E3AFD52464E44026
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:702F18B04D247FF406FEE04822BB8919C1188057D684527382F1E4231805618119D08F6EB4524C529240E08029DFB0E441D89BCBE908E2FB8C71C99C1F2FE99E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ....=2.b0..^7..b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y............................J.C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe..../.A.U.T.O.J.L.(.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e.........%ProgramFiles%\CCleaner\CCleaner64.exe..............................................................................................................................................................................................................................%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.C.C.l.e.a.n.e.r.\.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\YCSY57EUV1ZYRP474QZ8.temp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6907
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.1473602769539664
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:yfdamRPd2lpqjfdamRFxd2gC3fdamRf0d21xpfdamR5d2a1:sy0WFZl
                                                                                                                                                                                                                                                                                                                                                                                MD5:FD38AB44638AEB9619FC4E41DC20744E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CFB40945FAEF0E4CA2CE1ECE87BAD60C2D7139CE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:82790F8D33438653F6E98B489D06E2ACB02D6DDCB1903129E058FDF36D7BE574
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:48968EF2374B66B2E4E6A269D6DA1149A6869EAE73DB4BD07DB5DAEF137C71E3C72F3139CA533BB42D26A6BCBC4B1208A89E00C08116B747B623692CE75C44ED
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ....=2.b0..^7..b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y............................&.C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe..../.A.U.T.O.J.L.(.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e.........%ProgramFiles%\CCleaner\CCleaner64.exe..............................................................................................................................................................................................................................%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.C.C.l.e.a.n.e.r.\.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccc0fa1b9f86f7b3.customDestinations-ms (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6907
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.1400431371009834
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:yfdkYsmRPd2lpqjfdkYsmRFxd2gC3fdkYsmRf0d21xpfdkYsmR5d2a1:LqyTqWCq2ql
                                                                                                                                                                                                                                                                                                                                                                                MD5:CA104DF8C4EBC44BF5420EBE4C535728
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B37E25134B331EF4E1F8E43EEF5777B0C4258D28
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C91133DDF3AA6707ED5128969953A2F7E32A4792F5FAF345E3AFD52464E44026
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:702F18B04D247FF406FEE04822BB8919C1188057D684527382F1E4231805618119D08F6EB4524C529240E08029DFB0E441D89BCBE908E2FB8C71C99C1F2FE99E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ....=2.b0..^7..b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y............................J.C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe..../.A.U.T.O.J.L.(.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e.........%ProgramFiles%\CCleaner\CCleaner64.exe..............................................................................................................................................................................................................................%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.C.C.l.e.a.n.e.r.\.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\ccc0fa1b9f86f7b3.customDestinations-ms~RF6a968f.TMP (copy)

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6907
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.1400431371009834
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:yfdkYsmRPd2lpqjfdkYsmRFxd2gC3fdkYsmRf0d21xpfdkYsmR5d2a1:LqyTqWCq2ql
                                                                                                                                                                                                                                                                                                                                                                                MD5:CA104DF8C4EBC44BF5420EBE4C535728
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B37E25134B331EF4E1F8E43EEF5777B0C4258D28
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C91133DDF3AA6707ED5128969953A2F7E32A4792F5FAF345E3AFD52464E44026
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:702F18B04D247FF406FEE04822BB8919C1188057D684527382F1E4231805618119D08F6EB4524C529240E08029DFB0E441D89BCBE908E2FB8C71C99C1F2FE99E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:...................................FL..................F.@.. ....=2.b0..^7..b>...=2.b0..0!...........................P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....Z.1.....xY.Y..CCleaner..B......xY.YxY.Y............................J.C.C.l.e.a.n.e.r.....j.2.0!..fY.| .CCLEAN~1.EXE..N......fY.|xY.Y....C.........................C.C.l.e.a.n.e.r.6.4...e.x.e.......W...............-.......V...........I..U.....C:\Program Files\CCleaner\CCleaner64.exe..../.A.U.T.O.J.L.(.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.6.4...e.x.e.........%ProgramFiles%\CCleaner\CCleaner64.exe..............................................................................................................................................................................................................................%.P.r.o.g.r.a.m.F.i.l.e.s.%.\.C.C.l.e.a.n.e.r.\.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Nov 24 10:15:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2677
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.9732539276983316
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8ufdgTEUfv+H4idAKZdA19ehwiZUklqehTy+3:8pXfvRgy
                                                                                                                                                                                                                                                                                                                                                                                MD5:10444D244263FD49E2C86F23BFFD8FC4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3883EF1C468D5DE4CFE11957B148AFB052199929
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:01C8C592788BCE9BB45F269422BDA6AD74E4215409E976D92705940D3E4F912C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DC6357FB7CBFD7E2BB119BACDC5A5F1F765781A7960EBDC7DC73E28E139F7C3AFFACD770632B10D4F0F790FE8986BF8FF8A3EC9DBEACD7804E65E91E6AAE6E98
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,....\...b>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VxY.Y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Nov 24 10:15:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2679
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.989316658821339
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8t9fdgTEUfv+H4idAKZdA1weh/iZUkAQkqehQy+2:8CXfvj9Q5y
                                                                                                                                                                                                                                                                                                                                                                                MD5:CD8AE92B68929B31D6C87789D5769A14
                                                                                                                                                                                                                                                                                                                                                                                SHA1:ECEF3047D66D01B415BBA64A28C1F47F180CEFC3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:200836088EA61855762DCD3C13D54C4249ABD33CCB9E91C11D1A344100653272
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C3E02B5681174663CC46EB0A24349987EF3C705CE4E6CA923C27B4227DA2B926BB19EEFF79E13130219607EDF5A2A2B5B8A23BF84F8BCE6D5314704E178F646F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,........b>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VxY.Y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2693
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.001703680617341
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8xhfdgTEUfsH4idAKZdA14tseh7sFiZUkmgqeh7suy+BX:8xYXfFnsy
                                                                                                                                                                                                                                                                                                                                                                                MD5:C601E59C09A0C5BD5EAF8B02FE1B5784
                                                                                                                                                                                                                                                                                                                                                                                SHA1:1B65E93DF426382E207962A40ED653BB1B37CDD3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DE13C46A28FCC25D6DF3680DC3A2C1FC5327E299E192505E0C97F5B22C838427
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29B0FA3097A38CE9743344166C0054C1D424F90F2A856C977DF0B80714E680520AE556FE31BF64066316DBBC44350B30F04FA78F1F9E3ED32F48DC1873B87AEA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Nov 24 10:15:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.987142194831445
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8ifdgTEUfv+H4idAKZdA1vehDiZUkwqehUy+R:8VXfvA2y
                                                                                                                                                                                                                                                                                                                                                                                MD5:360424041114975322C4919A0285D5D8
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3106403E78724E4104A14D2B66E884F35DB69F78
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D24A463C78065785B7A72FC4EFB40B2E7DB954C271F9C3108AF88C3D4C1F4B01
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:4B9A422A47B608320C3A5E1183BCA57E403D91414A9A3FE4E8048FFD573FE299AEFBB3350FE7DB8767E1C0B2CC6350F39E9317063495E9610C12B75D16C049AB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,........b>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VxY.Y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Nov 24 10:15:01 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2681
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.977346658869211
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8GfdgTEUfv+H4idAKZdA1hehBiZUk1W1qehqy+C:8RXfvg9Ky
                                                                                                                                                                                                                                                                                                                                                                                MD5:6F561A2B183CBB7388AD4ED6611601E6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:95BA0BC1ED33BAB590879C22010F2235E2A15794
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:DEC40C144BED5D6C6EFAD22098974575A6A5FA47961ADA430001D3735D7F8BC2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7FE5EF23B34521DD2DF2AAB33EF6DA974A476C37EC0A7EB382E39C4CB17A59389D0752C1478A1CA1D225AEB698D17042CC4AAA982416E56CC4BF1F66C445FF11
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,......b>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VxY.Y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Sun Nov 24 10:15:00 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2683
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.984106520614489
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:8IfdgTEUfv+H4idAKZdA1duT+ehOuTbbiZUk5OjqehOuTbsy+yT+:8vXfvuT/TbxWOvTbsy7T
                                                                                                                                                                                                                                                                                                                                                                                MD5:B0959E1813F6EFD7EA45FAD548AA3E7A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9A9AB39ED9F09F0C20CC15285ECB7A7BDDEF7B1F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EE5D10152531DD20E00A6043EB529DE6C24B9435CE32500357EC210CB4E1354B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DADD13ECCF088D2D644AEE05BBF85B6D154FAE15A1A3D3D609B57A58FAEAEC62346057BE4B8E051FFE8B1F00E07E595B002FB743429354EFDA247B454225F516
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:L..................F.@.. ...$+.,......p.b>..N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....xY.Y..PROGRA~1..t......O.IxY.Y....B...............J.....e.J.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VxY.Y....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VxY.Y....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VxY.Y..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VxY.Y...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........I..U.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\cookies.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\v6zchhhv.default-release\webappsstore.sqlite-shm

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):32768
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):0.017262956703125623
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:G8lQs2TSlElQs2TtPRp//:G0QjSaQjrpX
                                                                                                                                                                                                                                                                                                                                                                                MD5:B7C14EC6110FA820CA6B65F5AEC85911
                                                                                                                                                                                                                                                                                                                                                                                SHA1:608EEB7488042453C9CA40F7E1398FC1A270F3F4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FD4C9FDA9CD3F9AE7C962B0DDF37232294D55580E1AA165AA06129B8549389EB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D8D75760F29B1E27AC9430BC4F4FFCEC39F1590BE5AEF2BFB5A535850302E067C288EF59CF3B2C5751009A22A6957733F9F80FA18F2B0D33D90C068A3F08F3B0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:..-.....................................8...5.....-.....................................8...5...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):55
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                                                                                                                                                                MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                                                                                                                                                                SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Tasks\CCleanerCrashReporting.job

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):666
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.602027113868151
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:9cFkbdpzANtf9HoUGmubdpkIS2ByubdpkXFSIvUYe1OUmLZknNsD0rEwKVBHN:fddatdoFmqd2lWyqd6VbYOUmLYsDuEw4
                                                                                                                                                                                                                                                                                                                                                                                MD5:B0C750434136909B81F1D47FF257822D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FACB377E1ACF75C6227780B2603913D3549E8C2E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FD0F562AEF5CD8FE8CFC853ECC0B181C079EB9AC940BE14B90C171284A47F081
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E904340EA512774CE0B7F4B5772B783B5E761450FE3A1C29704B43905C93A6E6EDF8DADBE0D51F4F1F9280849A6D99FF8FD20D29185916A7DE670F5A012968FB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:....#r,.P.`K..Le.a.F.h.....<... .....s.......... ....................0.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.C.C.l.e.a.n.e.r.B.u.g.R.e.p.o.r.t...e.x.e.....-.-.p.r.o.d.u.c.t. .9.0. .-.-.s.e.n.d. .d.u.m.p.s.|.r.e.p.o.r.t. .-.-.p.a.t.h. .".C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.\.L.O.G.". .-.-.p.r.o.g.r.a.m.p.a.t.h. .".C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.C.C.l.e.a.n.e.r.". .-.-.g.u.i.d. .".a.a.2.c.8.6.a.a.-.7.f.c.5.-.4.c.8.e.-.a.6.9.d.-.1.9.a.7.d.b.c.0.b.7.2.a.". .-.-.v.e.r.s.i.o.n. .".6...3.0...1.1.3.8.5.". .-.-.s.i.l.e.n.t.......P.i.r.i.f.o.r.m. .S.o.f.t.w.a.r.e. .L.t.d...................0...............................................

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\D566D7D7-DCD6-471C-8109-BE0AD33199E3

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):64
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7165786642591
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CGKMTlsQldIHldFQDIKQykS:zKMvoHlQUS
                                                                                                                                                                                                                                                                                                                                                                                MD5:9D5A5C4D50147F5B12DDA3A3A882AAD5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5E7770402A048B6D3C542D3807937ADA8C21106E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C5DC37FDD09816EDCED35CFB6884A4D219F0D82009A62417A76668619285334A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:68354A3CAC42BED7385005B2A53FCE4721EA0C02D26D2253FE5E794B3B6ACC3D86736C6F7C54678266E78C6B0E82285B6CA95ABFA05AD160D18F0F898D4CB329
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:9.0.F.8.6.7.5.3.A.1.6.A.5.8.7.B.B.8.8.5.B.F.1.6.1.3.6.7.F.6.3.C.

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\F07D8C6A-04B6-4025-869C-70A788D7B5C0

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):72
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.82483672359337
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:ylglHl5bRbi/n5ROSroalE+n/:2gUP5ISZlE+/
                                                                                                                                                                                                                                                                                                                                                                                MD5:CFE1F6460AEA86C69B9EA25558ED8D3B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C66E5184614910E767F878FBB03028DD2467B033
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9F5235FFB74367BF0F50A6AB1E4C31985506234644205711F579EABEB3F066C4
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D655679E370800C7A3F0ECA84B51149900854018E6C7AD38A29027CB9B4DF51154054B34AD1C6A15FA515BA1C7A1B6E529288F183C30C45991832F76961E2A15
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:5.b.3.2.4.b.b.f.-.8.3.4.d.-.4.d.5.4.-.8.f.4.1.-.6.c.f.8.e.a.5.0.5.5.0.8.

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\waapi-1732446978\dee05ccdd54c4d9596188efc

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):12
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.2516291673878226
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:cQu:W
                                                                                                                                                                                                                                                                                                                                                                                MD5:39107C1C6F851D9ABD39853E9051A6EC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C056097AAE76507F0347E9622066066C6DFA0FB2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:2030D85656119C8A0B0BDCABEE349A84C0A633CC73B98441EA6E179A772EA45E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B4D23EE2D0D1FEF55AE3E85A4A6115FEAF2958DFB21E10B8134044656516A6EFE9062557F6DF584869F6DFDCAAE4C399A66ACF4B6FC4B4BAAA77C4C51A2E3A79
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:WA1732446978

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\waapi-1732446978\lc.dat

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2928
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.932304874408447
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:+CuitFrFijpv9L68lQiEV8kipmMKFJaNDkNwrwewu9:+CuuFrE5dlQiE+zmMkB2WQ
                                                                                                                                                                                                                                                                                                                                                                                MD5:379D6DAFAF8EDBEBF5D68C4F563AC69D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FE7CB5E3FF04F8BBFCE7FADE587FD7682CDD04D2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AAA86A173E1D43BB5B038DA1DEDC4161F3FBAD2D972322C28CFA641FB585DB64
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1B69B24C363092FD3F35152E7753A1765D030A06EADC77E050E19F32EC60E95AEDB8227FA5794BC5121074A4AFE083E2DFAFE39608238EE441165F863290D4AE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.R....7.T.=q...|.....]Z.W?.'u...e{..c.b..kSsT.E..'......G.k..h...`$.y._C....\,...B.}..H8ck...Y.1...4%.0f-.2.LI.Cx`.y.W.....H.%rPp).5.'......=[H..r..B;....q.j......p.$.+...3`....W.......C$....n.R....~7..0.M.@....kc..".4%...........~..tI...9..4......n.U. ..I>.9[....j...2)s....4<~.l0?s.7. ...L.q.$A.s..Z.. .s.u...s89.V?...Q.h+*..0..J..y..<.$#..!..D#.s.......U...hZ............]B.......'..c_E...2/.>?v..d....s.2[.Y.....[.:.k...7........u..C?..DqK..3.k..SM..&.n}f.......f.q....a..C........C.4.1..o...m45..k........u>.J.8...fK....V.....6..z.d.]..IV..N.$!.a.,Ulp....J.~....{.|.%T...F.). A/vw......u...E...}@%!M.v...mLT'...4`.o.JPp.J.....`|.......&...2.......H.>...taq..^#.`..g{.....A}y7w"........!.k5$r.....%z...Q...'...L..J....n.l..MJNt...r......=.*...e3.....D).:.n...k.b0#.+...(..(.R.Rz...b.]..s....D?.....#.:a..-x.y..:W3Y>~./H.....w!.p.*Yv.r....m..%Z...r.%/.]Q.....{.YlXYN5.2..U...qR(r.".;e.X......U|.~......g..#.s...iCF....E..u..+..R6...*o

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\waapi-1732447020\9bedc75df002c2da24d49a5b

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):12
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.918295834054489
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:cQ:L
                                                                                                                                                                                                                                                                                                                                                                                MD5:1C53D7D92AD0450C1048E2F11EBED704
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CE555FA35EFFC59E409E840EC55B494CF4C03215
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:04D3E42029375295A72674150104E83B5FBA5CFC401AAB05E8DE10D84A088A8F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7E0E88509BEC9DCEB38B354802D0191F0B5133348347D3AF78D91F3827B2F6EA66031AA23AC7C8B0877C690176D50876E55F884178EFECEA04F2D0519371ACEA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:WA1732447020

                                                                                                                                                                                                                                                                                                                                                                                C:\Windows\Temp\waapi-1732447020\lc.dat

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3024
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.921260966310264
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:pGc2Ff2LPk2SrqEv5pGzs8kvlwHZ4ub/eS3UWz8GmCmxNuVkeK4P8dtU17/p:pkKMrqbl2lyKk/F/AdbUd
                                                                                                                                                                                                                                                                                                                                                                                MD5:5C4E1B9453A743B005CEA625ED48323A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B70A7FBFDAAD87F28E9F035C99CECEBA23C4F673
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0FC16CCFC4BFA5B6954D1D0E2698456BE1C991BE1F411B31BAD062EED87C7BC2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E875022DE3B4E3E10CCAAD24E095BAF669103D5BDF0A684AF0025459F5B1EDE48C609DE4DFB097B42D9FE0AFD302FEE0094D023D476E9ACD1ED23561F3A48535
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.F".w.7...?..l.5...S)P.r.......W.!.#...D.]TQ.q....WF0jF2>xz...F.U..9...W...?...s.B.N.....O':e.t:\(......9..E.OW.vKP..V..TS.?W..........6.*k..d.J......(.eh}&.3....Z...e....I-dD.;..].P:..I...?w.... .bfu.Kk..\..B>1&'..._8uY.......kNhg.I4./............eA+I...P...I...1.>...a.#..In......F?...1.._.v.-V.....r...>d.Kx...f.H.F..@...Q%.<........j-..QQb2.(>...........h..M..i./......+jn....]...n..iW....{...O.qu.R..I.....V.pL(@u(..]bSm..Z..A..O...~.t.....v.L.{hG{..mc#.aaFv.>W.{.....:v0.dl........k.1..y6...$i.H4...$lx.7.#@..>.R....D.5.....1........21......F........t...u.N....YD5...(..e.C....@..t..B...b.A.d...0..7.Q.L.+N.M.z.....F....Wt,...z.Z.........OJ"hWn..w.YQ...&.m...c.*....*-.qG....E...x.Rr.... ..Mu.-..t5Z....'..Jl..Wz...R.'.o.>....t..#}..r.e......r...........dH........!;.=.d.}.....i....(..t .{...X..w..j.bu.. .....5.r...b[c1..h .).lpv0;....eW.h..u.]V.aD.2.. .E..g`v.'...1ZJtqD...Q.aT..:J.#.......vx..~I7...^F..u.=...O3.#....`.d.I;..._.C[..$..A.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 398

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:C source, ASCII text, with very long lines (64709), with CRLF, LF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280367
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4006220745703635
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:vs5yDt+KI+99jlx8Ux82h1L2q/Bzgnczbr+s:vfW2hcurzbr+s
                                                                                                                                                                                                                                                                                                                                                                                MD5:919B9C8B91978D252C6CF43DAF4BBE7C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EE050317EF2F7917723E5C093925552BA5CE48DC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CED027816957FD6E83521C48FEDCA4BB121DE15A29D22AF4EF6E512D7BC9F186
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:D33A558644A97531D63C0BF673057621ACF1627BB1EF1CAAC472F37944E04E55C8232C516EC2DBD8CEF419B450D300B8775F644FA3BDC722BAB96D0525BFFA0E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:(function(apiUrl){..window.mhubc={ads:[],push:function(u){window.mhubc.queue.push(u)},queue:window.mhubc&&window.mhubc instanceof Array?window.mhubc:[]};var util={define:function(u,o,t){window.setTimeout((function(){var e=util.modules[u]=function(){},i=o.map((function(u){switch(u){case"require":return util.require;case"exports":return e;case"./generated/mhub_pb":return util.proto.CrossMasters.MHubCloud.Protobuf;case"google-protobuf":return util.jspb;default:if(util.modules.hasOwnProperty(u))return util.modules[u];throw"Not supported dependency "+u}}));t.apply(null,i)}),1)},modules:{},exports:function(){},require:function(){},main:function(u){var o=u(util.define,util.exports,window.mhubc);util.jspb=o.jspb,util.proto=o.proto,util.apiUrl=apiUrl},jspb:void 0,proto:void 0};...util.main(function(define, exports, mhubc){..var $jscomp=$jscomp||{};$jscomp.scope={},$jscomp.findInternal=function(e,t,o){e instanceof String&&(e=String(e));for(var r=e.length,s=0;s<r;s++){var n=e[s];if(t.call(o,n,s,e

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 399

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):230844
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.203439131867488
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:AOldnEYDjCvJCRCcNrPfOh3AKZB2T8Lrlm7QB3guWfBZoZrFzYzVv7hknkDZ5fQg:/lVEACRCRCcNZOFzYDknkrxTYAfzr7B
                                                                                                                                                                                                                                                                                                                                                                                MD5:714430328B6BF6103B0759FDA7017EE9
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CA1B6BDE7C34787C2759EE01CF3BA4D7B9CD6BED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8DDB8B71BC551694ACC6699DD73D08EA8E8A0B39312B085C249AA8343CD0C683
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C91F560AC9F7C25717E3313161D0B351AB10A0AF232E6008C26C62A777D570D4A3A309F5F5AF55E42E75CE294D888A5B5895CDC7006241AB3BE72B113D83B8F6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","pccloseButtonType":"Icon","MainText":"Privacy preference center","MainInfoText":"By clicking \"Accept All\" you allow cookies that improve your experience on our site, help us analyze site performance and usage, and enable us to show relevant marketing content. You can manage cookie settings below. By clicking .Confirm Selection. you agree with the current settings. See","AboutText":"Cookies policy","AboutCookiesText":"Your Privacy","ConfirmText":"Accept All","AllowAllText":"Save Settings","CookiesUsedText":"Cookies used","CookiesDescText":"Description","AboutLink":"https://www.ccleaner.com/about/cookies-policy","ActiveText":"Active","AlwaysActiveText":"Always Active","AlwaysInactiveText":"Always Inactive","PCShowAlwaysActiveToggle":true,"AlertNoticeText":"By clicking \"OK\" you allow

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 400

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (22445)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):22446
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.308445901412534
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:V82ipcutdutMABwXCQ+Ur+heTJ8eMAB6Lxbnmcc2Jo4pc:VSpcdCABwXG1heTJHexzdc
                                                                                                                                                                                                                                                                                                                                                                                MD5:1F896D98B7411583B15A172A513F2AA5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FA0A090E659190C28E40B25DDB080B7A52E99A61
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ADE920FD5B00CD298AAE7978673A9A64D0BB3FA593D23E91994EC6B6723EBACE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0E67EB6B3ACC832DF85626AEEA6D0C522E4CAB202BAE39781DC9EB99C73D38A6298369E5B6154FF81102B865CAA0F0905281C6851671A0D86A3511F252BD7FEB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:var OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}},s=((g=y=y||{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=e=e||{}).Name="O

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 401

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Web Open Font Format (Version 2), TrueType, length 18588, version 1.0
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):18588
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.988601596032928
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:WF9srt3EJfKy7iOpqErJeqQhzsaZqPTPabcoqYdBTKYPvS9BlTf:Wn6UhKYieqAiPQTwclYQLlTf
                                                                                                                                                                                                                                                                                                                                                                                MD5:115C2D84727B41DA5E9B4394887A8C40
                                                                                                                                                                                                                                                                                                                                                                                SHA1:44F495A7F32620E51ACCA2E78F7E0615CB305781
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AE0E442895406E9922237108496C2CD60F4947649A826463E2DA9860B5C25DD6
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:00402945111722B041F317B082B7103BCC470C2112D86847EAC44674053FC0642C5DF72015DCB57C65C4FFABB7B03ECE7E5F889190F09A45CEF1F3E35F830F45
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
                                                                                                                                                                                                                                                                                                                                                                                Preview:wOF2......H........ ..H8................................|.`..J.\..<........-..Z...x.6.$..0. .... ..S.7.5..K!.;..../.`..Sn.J.e.52P.(.....=9....f.....$...*.fZ.p...N...t....6.lfS.Ju.i.o.g..<....T"O.o..4..4....M/N.>.K..."[.P...W.u.>]................A.9z....IN^....z..Y.{....m=...+X9<?.......(IA*G8rD....52L0.p .EJ..p....=.......[U...pz..g...../L.U.......P..W.U..q$L..6......C.M.0..R..........D(.ilX.Y..SZ.R...Q..j.6.@\."|.l......3....,.T.....L...ap0......6.j.\&O.z`*.$.*_+vwnr...,....?W.T....!.J...L#%.......A}........\.....l...:....U..u.J.0....O......&.!.)4.V..:.}.0f....:W......?U.....%...b...!....yA.sw.....5..T .}{.t!F.G....{"..pQ.S.v.S....t......U.Y|.v.@....|..(..V.........^....../.7......K......J.Uq/L.T-.`.O........;........';vWq.+....J...J..p.....sB`(1LC.k....?Z{...v>dS....F..........\.....UetU........6.V...vE....._.../...%.q...^.l...>^.z..l..p....j..@H...`X.p...KQ. .<@...I...BF.......L..6...y.2=.P....8;..@`.m.....R.B.L.r.*T.T..l@.6.Y....}g.....F.n...

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 402

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):25320
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.859135725488595
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:vSzVKa08CXq92rqhgDji5A1jWHdTmqJi0o:vSz0Ef92rqhQjqyyHdet
                                                                                                                                                                                                                                                                                                                                                                                MD5:8AF764F8DE1FEAA90054ECB9DDBED251
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5BD24065B0D4BCFF007CD1C9DEF1EF2FC39465AF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:99FECA634A96A742C1FB62B5D574720933E9164D9D1BA3C617F22CA87F58FA94
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2E9769CE9FB6714380BEB585B267A42F23483B0B40524DF364FAE425AD24938770C132DDEC668DD65E9597675625F6A0DCA9CD0830F48D91B4184618B89F23E4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="125" height="36" viewBox="0 0 125 36" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">.<rect width="39.2628" height="35.8833" fill="url(#pattern0)"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M49.9807 25.517C49.0129 25.517 48.1206 25.3365 47.3037 24.9754C46.4867 24.6143 45.7798 24.121 45.1828 23.4956C44.5858 22.8701 44.1176 22.1318 43.7783 21.2807C43.439 20.4295 43.2693 19.5204 43.2693 18.5531V18.5145C43.2693 17.5472 43.4358 16.6413 43.7689 15.7966C44.1019 14.9519 44.5701 14.2104 45.1734 13.572C45.7766 12.9337 46.493 12.4307 47.3225 12.0632C48.152 11.6957 49.0695 11.5119 50.075 11.5119C50.6782 11.5119 51.2281 11.5635 51.7245 11.6666C52.221 11.7698 52.6766 11.9149 53.0913 12.1019C53.5061 12.2889 53.8894 12.5113 54.2413 12.7693C54.5932 13.0272 54.9263 13.3109 55.2405 13.6204L53.7511 15.3807C53.2233 14.8778 52.664 14.4715 52.0733 14.162C51.4826 13.8525 50.8102 13.6978 50.0561 13.6978C49.4277 13.6978 48.8464 13.8235 48.3123 14.07

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 403

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (16769)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):402603
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.651994780640413
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:h4XGggMX/iOG90bPmPL97aBJDMfgQJ7AObvx0/awO:6XPt6ObPmR7V1Z
                                                                                                                                                                                                                                                                                                                                                                                MD5:FDAF90F52F47EC6FB99A498BCEC5639F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:94D76DAD3ED145A80806D70F0DF8C18C63D02A76
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1D20977F5DD0AFCF1B41340FF6787BCE93658E1325D446D79CEDB6C02796BD49
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:18538A42BDFA0CEDFB1D6A4A32B010BF057E59FE439EEAF69BCAEA15A77FE7CD6EE1888735A8947C0818E436C41BC5433A05A6A5C6CFBA4517FB739EF7FB0B95
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/gtag/js?id=G-YG64G9XX0R&l=sdl
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cps","priority":14,"vtp_cpsMode":"ALL","tag_id":106},{"function":"__ogt_dma","priority":14,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":108},{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTO

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 404

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6310
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.014109706086264
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:npyIo40w7BJJF0iwpCZpdGHGa6Ay+TsANj6jZ69jJjFZZ2Os8A:FX7BJJO3pCZpY6v+TsAV+Z0JpVA
                                                                                                                                                                                                                                                                                                                                                                                MD5:50F4085F4654D228891FFDBA08FC7F73
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4E86359280CBCA3BBCDA0ACA8A5B7287732447B9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C672F31A0E51298EB1A02A8FC8FCA271FFFC38B49BE9053697B9D7C4E5C756A2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A52258779CC34253F351ADAD2198CE4058C6F50FB7B430B2B407EF0DE2CEA2327EE51BD6ECA2E0961551818AF0913480214C6F962856D6336F904678CAB66337
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.36.0","OptanonDataJSON":"831b8ee0-e952-49a5-af6b-01382c722774","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"01912753-8c21-7a17-883f-0a91a4e5ae8b","Name":"US, AU . All Opt-out","Countries":["au","us"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"ru","pt":"pt","it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"CCleaner . REJECT ALL . Template","Conditions":[],"GCEnable":false,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"0191275

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 405

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (8065)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9888
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.489849998921756
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:pIUrpupNyxauPY5NGh64rHfbDlOZCTbKTPsGDzY037P2Mu0RLl7s:fYyxg5gRTjDKCTbKTPsGDzPLP2Mu0k
                                                                                                                                                                                                                                                                                                                                                                                MD5:0444AFA35778412DF0931198D1D6A7A1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4114123B48A255F93C664271C337AFA4F3A30FBF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:32A75C69013A3DA5ADA7D85C52ED4AF588BB7D6EFED1F7DD792DA7CE0DB5DAAF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:94FA0094386049AFD5E1FDB17783C571AC018006108EB43BF70985D69FAC1A7D8F177520ED25EEE9765A69F066B18340E70570CAF25071148AAC5CB17AA00180
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:(function () {. if (typeof window.QSI === 'undefined'){. window.QSI = {};. }.. var tempQSIConfig = {"hostedJSLocation":"https://siteintercept.qualtrics.com/dxjsmodule/","baseURL":"https://siteintercept.qualtrics.com","surveyTakingBaseURL":"https://s.qualtrics.com/spoke/all/jam","BrandTier":null,"zoneId":"ZN_4I1jhjmxub1NC6y"};.. // If QSI.config is defined in snippet, merge with QSIConfig from orchestrator-handler.. if (typeof window.QSI.config !== 'undefined' && typeof window.QSI.config === 'object') {. // This merges the user defined QSI.config with the handler defined QSIConfig. // If both objects have a property with the same name,. // then the second object property overwrites the first.. for (var attrname in tempQSIConfig) { window.QSI.config[attrname] = tempQSIConfig[attrname]; }. } else {. window.QSI.config = tempQSIConfig;. }.. window.QSI.shouldStripQueryParamsInQLoc = false;.})();../*@preserve.***Version 2.19.0*

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 406

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):179382
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.391576136425909
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:zgAyhJa8hnU/OUasSKLFh0FSSmGYsYooOcHV2jQPk:zgAyhJa8hnU/rLFh0FSSmcjP
                                                                                                                                                                                                                                                                                                                                                                                MD5:3A12A8D4EC1B77070368D5DA1CFE85B4
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C0E879CD376F037F635A1873C7539421603674D1
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9E169AC80FE397D4716B35CE1E6587E351FE0CA8FBD632FB5BBDE3F09D6AD643
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B300A5551821E6B0DD05689DE39AC89BB8A92498DFFA42E56E6F0011054C80CFFE28B5BB9573A16EA6B5948E8F2257482C79FCF9FD7DE900931242BB1AEB0A94
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.ccleaner.com/dist/uiv2/style.css?v=1.0.123
                                                                                                                                                                                                                                                                                                                                                                                Preview:@import"https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap";.brand[data-v-97856ddf]{padding-bottom:10px}.brand img[data-v-97856ddf]{display:block;height:38px}nav[data-v-d8d2e858]{--tw-bg-opacity: 1;background-color:rgba(255,255,255,var(--tw-bg-opacity));z-index:100}nav .chevron[data-v-d8d2e858]{margin-left:3px}nav .chevron[data-v-d8d2e858]:before{--tw-border-opacity: 1;border-color:rgba(201,201,201,var(--tw-border-opacity));display:inline-block;border-style:solid;border-width:1px 1px 0 0;content:"";height:6px;position:relative;top:5px;transform:rotate(135deg);vertical-align:top;width:6px}nav ul.level-0[data-v-d8d2e858]{display:-webkit-inline-box;display:-ms-inline-flexbox;display:-webkit-inline-flex;display:inline-flex}nav ul.level-0>li[data-v-d8d2e858]{position:relative}nav ul.level-0>li>a[data-v-d8d2e858]{display:block;border-bottom:2px transparent solid;padding-bottom:18px;padding-top:11px}nav ul.level-0>li:not(:last-child)>a[data-v-d8d2e858]{margin-ri

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 407

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:C source, ASCII text, with very long lines (64709), with CRLF, LF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):280367
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4006209760537525
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:vs5yDt+KI+99jlx8Ux82h1L2q/Bzgnczbr+E:vfW2hcurzbr+E
                                                                                                                                                                                                                                                                                                                                                                                MD5:F5CD2473FDB5F18CC411079044EC387B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:955CCE158D05C08BB843FDC6F4881F54FCEEF82C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:25E785E27220BCA507C8F01807D816F68FA087BA28E2B8A2D098831BA5150CDA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1659DA8BA9A119E8F896B7EF9AC490E21A9669728861F81EA36757CA51B6E2461968B67ECAAC97FECC7DA8D6DC51A68CC7E212DC5C1D1317DF4D3E5DDAB1F71F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://mstatic.ccleaner.com/api/mhubc.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:(function(apiUrl){..window.mhubc={ads:[],push:function(u){window.mhubc.queue.push(u)},queue:window.mhubc&&window.mhubc instanceof Array?window.mhubc:[]};var util={define:function(u,o,t){window.setTimeout((function(){var e=util.modules[u]=function(){},i=o.map((function(u){switch(u){case"require":return util.require;case"exports":return e;case"./generated/mhub_pb":return util.proto.CrossMasters.MHubCloud.Protobuf;case"google-protobuf":return util.jspb;default:if(util.modules.hasOwnProperty(u))return util.modules[u];throw"Not supported dependency "+u}}));t.apply(null,i)}),1)},modules:{},exports:function(){},require:function(){},main:function(u){var o=u(util.define,util.exports,window.mhubc);util.jspb=o.jspb,util.proto=o.proto,util.apiUrl=apiUrl},jspb:void 0,proto:void 0};...util.main(function(define, exports, mhubc){..var $jscomp=$jscomp||{};$jscomp.scope={},$jscomp.findInternal=function(e,t,o){e instanceof String&&(e=String(e));for(var r=e.length,s=0;s<r;s++){var n=e[s];if(t.call(o,n,s,e

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 408

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (32054)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):82737
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.417054529586679
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:CZVMbRJN4CoVUTM2ua1OM7CfzGQxmZQx5UG/Lo+oqbH:CaJMYOMuSZQBLDr
                                                                                                                                                                                                                                                                                                                                                                                MD5:6CDA8B6271B502ED1174336D6537D44B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7A5D5256CED6EA8B8C4B88CB08A7EF0CCB13FE62
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7CA9E9328C72EAF9F7CB3E12648AD05411A6140291B284D4785E65BB02FB290B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7B54A019BAAF08183FA482C73498195B8137C1342818AC57D2DFB4C851C76198FF730125329231CD85BD480DBA3DCD75883E160DBD92169B98F1032E59AB9043
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:/*! Norton - v1.0.2 - 2024-10-07 */function s_doPlugins(a){try{_numeric_.utils.strangeTrafficExclude();var b=localStorage.getItem("strangeTrafficExclude");b&&(a.abort=!0)}catch(c){}var d=a.linkURL;if(void 0!==typeof a.linkType&&"d"==a.linkType&&"string"==typeof d){a.pageName&&a.pageName.match(/avira:(.*):downloads:free-products/gi)&&d.match(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi)&&(a.linkURL=d=d.replace(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi,"$1$2$3$5")),a.events="event1";var e=d.split("/"),f=e[e.length-1],g=f.substr(f.lastIndexOf(".")+1).toLowerCase();a.eVar1="D=c33",a.prop33=d,a.prop46=g,a.prop47="download",a.prop48=f,a.eVar49="D=c48",a.linkTrackVars="events,prop2,prop33,prop41,prop46,prop47,prop48,prop49,prop59,eVar1,eVar18,eVar27,eVar41,eVar48,eVar49,eVar59",a.linkTrackEvents="event1"}else void 0!==typeof a.linkType&&"e"==a.linkType&&(a.linkTrackVars="None",a.linkTrackEvents="None");a.eVar47="s_code_norton "+s_code_file_modified_date,a.prop21=a.getQueryParam("inid"),!a.prop21&&

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 409

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (22445)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):22446
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.308445901412534
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:V82ipcutdutMABwXCQ+Ur+heTJ8eMAB6Lxbnmcc2Jo4pc:VSpcdCABwXG1heTJHexzdc
                                                                                                                                                                                                                                                                                                                                                                                MD5:1F896D98B7411583B15A172A513F2AA5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FA0A090E659190C28E40B25DDB080B7A52E99A61
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ADE920FD5B00CD298AAE7978673A9A64D0BB3FA593D23E91994EC6B6723EBACE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0E67EB6B3ACC832DF85626AEEA6D0C522E4CAB202BAE39781DC9EB99C73D38A6298369E5B6154FF81102B865CAA0F0905281C6851671A0D86A3511F252BD7FEB
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:var OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}},s=((g=y=y||{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=e=e||{}).Name="O

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 410

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:C source, ASCII text, with very long lines (65097)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):143567
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.356891815539283
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:Y6Xryf9h8RsEcEpP/dxHYxh+0Hu7l1zcgJwspJfl3dU0+ik2kQqNZVc7EWiK6cEQ:Y6XK9hMbY/+081afiqGH2jULziOzqy
                                                                                                                                                                                                                                                                                                                                                                                MD5:B1290DFC24CF0FA7FC8086F1B9DD99A3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9E3FF4C4B46853C46FB8F6BFA46939B92B1BCBB4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B38B56CC66465707F7A28C32AAA60859276BF30D268EB6D3A90A02BFB6D74BA2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F3FAD1E09005557FA72FC402FD3024C15350A5C30A3532989253CD4E9D1523719B7C7C6A5EE673A2B86B61519C7E3E73FEBFAD60527F9774F59EA60FEB7288B1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:/*. * Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017-2022, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. */./* Boomerang Version: 1.766.60 c28975a504c1aa46de14fe358f4875ace2917401 */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window||!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)||BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{documen

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 411

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (19863), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19863
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3447766218190145
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:s40C/Kax6IcZb9QI0rcOZ4yjR8rSxnMhNgyyi82Xo4uc:Vr6IcZqInOnRHMrPyG1
                                                                                                                                                                                                                                                                                                                                                                                MD5:BC033C3A83E1880E480086BF11AC0B0A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:35137329601CC7E9CECFFEA9B881C363D42799F5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AEBE8DF81EE2BA5BC51E3ABC322910EE5122A0AC06EDFBCF7A04E1659D17DC9C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:45CB92F652D6D14F65FE7CDA19389A6C5BE8BADD7EF0110EAD45D045EC20A6037D0C21C594FD193387C49E5150E8B8FC559CF6476AAFBF2B33324993667516CE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://s.yimg.com/wi/ytc.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)n.d(r,i,function(t){return e[t]}.bind(null,i));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=0)}([function(e,t,n){"use strict";function r(){if("undefined"==typeof TextEncoder){window.Tex

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 412

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (21734), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):21734
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.9745767337690445
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:VRc7fQD98C4VGojYmCy7qGAVsq1nwGfg4xqsQMPNE:cb7J
                                                                                                                                                                                                                                                                                                                                                                                MD5:81B852E2738D915BD205E94E604ADA01
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B0FCF41960EC04CA22AE72D803B2BBC8CE4B9F5B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:95950B3796AEA008402278B2354985D041CAD9714A798F808E1A9905A7BB073F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:64A03BF8B3CF817ECEA3DACAE8781CA02AB1B2C990FD638660C43EC750A7BF9E765359B44614D77ACA2565EB98584E41C8AFB7A564413C0E2169C097590ED364
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCommonStyles.css
                                                                                                                                                                                                                                                                                                                                                                                Preview:#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:700;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-image:url(data:image/svg+xml;base64,PHN2ZyB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB3aWR0aD0iMzQ4LjMzM3B4IiBoZWlnaHQ9IjM0OC4zMzNweCIgdmlld0JveD0iMCAwIDM0OC4zMzMgMzQ4LjMzNCIgc3R5bGU9ImVuYWJsZS1iYWNrZ3Jv

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 413

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text, with very long lines (815)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3501
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.383873370647921
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:EI5cZUiKliCJ86U+QTEVWfeLwTauSEegdkZ5edOIC:EI5hiWNJ8kQTEVWfeUauRfdkZ5edO1
                                                                                                                                                                                                                                                                                                                                                                                MD5:147FD3B00C22BA9C939712E9213C24CA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3B48369B86FA0574F35379AACD1F42CC9C98A52B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:70F5B11C1870CF90201A6D5F770CA318A3FA5827C74A8765EDE22B487F7D4532
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E8419A71232EDAC8FD131446777F7D034B3171EFE07B3267479B439E4982650DB65A0D1DDC9F516315D5ED1B01ECFD2F7EB55D75D44AA51EE0AD494D441586D2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fwww.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Preview:<!DOCTYPE html>.<html>.<head>. <link rel="shortcut icon" href="data:image/x-icon;," type="image/x-icon">.</head>.<body>. <script>.'use strict';class m{constructor(a){this.j=a;this.g={};this.h={};this.i=0;this.id=String(Math.floor(Number.MAX_SAFE_INTEGER*Math.random()))}}function n(a){return a.performance&&a.performance.now()||Date.now()}.var p=function(a,b){class d{constructor(c,g,f){this.failureType=c;this.data=g;this.g=f;this.h=new m(n(f))}s(c,g){const f=c.clientId;if(c.type===0){c.isDead=!0;var e=this.h,h=n(this.g);e.g[f]==null&&(e.g[f]=0,e.h[f]=h,e.i++);e.g[f]++;c.stats={targetId:e.id,clientCount:e.i,totalLifeMs:Math.round(h-e.j),heartbeatCount:e.g[f],clientLifeMs:Math.round(h-e.h[f])}}c.failure={failureType:this.failureType,data:this.data};g(c)}}return new d(5,a,b)};/*.. Copyright Google LLC. SPDX-License-Identifier: Apache-2.0.*/.let q=globalThis.trustedTypes,r;function t(){let a=null;if(!q)return a;try{const b=d=>d;a=q.createPolicy("goog#html",{createHTML:b,createScript:b,crea

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 414

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (16769)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):402629
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.652046952296157
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:h4XGggMX/iOG90zPmPL97aBJDMfgQJWAObvx0/awW:6XPt6OzPmR7G1B
                                                                                                                                                                                                                                                                                                                                                                                MD5:E598091401303264A2A4D75F97C9687E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4C3CF4D810BB8BE0FB9BAE254C4FDF6CC000C0CB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:340752010C096E11F7899C8647C3FF67581C82AA941192B69E3DADF3C41F4C76
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:77693C58E3683DCBB7D2C7E170F3B824A4431E75357281EF29E0191371933E97B378D344B56FD3C4045AA68DDE0DAD847C2DE4B63ABD3D9F39F1E38A8367A9F5
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cps","priority":14,"vtp_cpsMode":"ALL","tag_id":106},{"function":"__ogt_dma","priority":14,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":108},{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTO

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 415

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):979
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.413197516958716
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:twd1QuXMMu28pKprXq3Z4yRSn0IsRRunfR/gWogEiJFBlQ+ooWSEKn:6n65wpLq3S0I7gWogjX9WFM
                                                                                                                                                                                                                                                                                                                                                                                MD5:CD2F3EE235C41EACB6AEB069C77353F5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0EE782685BC92C180E5D0EC196529C44F6E80EE7
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:91AF4E9906C6B69D1BCD991EDDBFAE079ECE910C5866A807366B63A8805EAF7F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F5688778D7BD34366C398A6C79A04361AA57B487A7E733F69EC6A1A5A4FB790D5EE0E92CFDBDD1958C6472AF40537E2B42DB5BC81E2260E1795C8957E2C4FA04
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/g1rjpwmo/linkedin.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="20" height="18" viewBox="0 0 20 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M4.66151 2.09116C4.67056 1.50652 4.43129 0.945587 4.0034 0.548309C3.5755 0.151031 2.99934 -0.0451262 2.41864 0.00877676C1.84137 -0.030699 1.27344 0.17038 0.84889 0.564549C0.424345 0.958718 0.180814 1.51105 0.175781 2.09116C0.180814 2.67128 0.424345 3.22361 0.84889 3.61778C1.27344 4.01195 1.84137 4.21303 2.41864 4.17355C2.99934 4.22746 3.5755 4.0313 4.0034 3.63402C4.43129 3.23674 4.67056 2.67581 4.66151 2.09116ZM0.401104 6H4.35367V17.999H0.401104V6ZM14.5241 5.50366C17.1823 5.50366 19.1758 7.25226 19.1758 11.0006V17.999H15.219V11.5028C15.219 9.83685 14.7425 8.7538 13.2469 8.7538C12.3056 8.75556 11.7333 9.35877 11.4332 10.2533C11.2912 10.566 11.2339 10.9107 11.2672 11.2527V18L7.31809 17.999C7.31809 17.999 7.40157 7.16574 7.31809 6.00001H10.8691V7.50235C11.6287 6.21341 13.0321 5.44597 14.5241 5.50366Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 416

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):8
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.5
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:x:x
                                                                                                                                                                                                                                                                                                                                                                                MD5:402E7A087747CB56C718BDE84651F96A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7CE01F6381463362CF6AEF2F843A59261E8F5587
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:662EFAF46C617DDBCB8FF4A2A8F64CFFD3D93630F1003F8E66511F369B87730F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5080D776D0B123F20E97D44472EF2343BC022105AA67FC802B71668BAEB74A81530355589D50B1142165D17EF995AEAC196B6C15136D518A1EC0ABFA13C91D10
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net/eum/results.txt
                                                                                                                                                                                                                                                                                                                                                                                Preview:Success!

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 417

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):80
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.33221219626569
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:LUfQ2pHWiR8HopHW4OE9HsuXU9WyRHfHyI:x2pHD5YEl5k9zyI
                                                                                                                                                                                                                                                                                                                                                                                MD5:1AE6B27EBA211F4CFCD99B904DA88BB7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:53CA38F083C4A21F2EDA633EC304CB4582EDEDA2
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:961635B4E9661208EC118D285B3AC1DBF9F3CC96CDDC97F30E55CD2C6566448C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7DD325AB05B1A419614C2C39224C11E1388F09BCA5EA0F56811E6842B4FB243BCB53AA2BDDE00A94FBC324222B47924152C183337EB390F58C59AC80E89593B6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:jsonFeed({"country":"US","state":"NY","stateName":"New York","continent":"NA"});

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 418

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.2430101595548555
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:KQCZAK+uP:K9GruP
                                                                                                                                                                                                                                                                                                                                                                                MD5:75C843C7B717E7B722777907475C67A3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:983D1C9A05B315288039B9D4694CE3B402259240
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1D348F9F803C95305F63DEF9D75FD50E79E54A375E1A4A888EDBBEA366845580
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:41F58C029586198B0F5E7AB6D2CC1EDEB113184F82C8ADFFC81F0E229FF5CE44CC9AABB8BDA82F923984A3CFE5E42C68EF2F4620FF94AE0B1809B03B9A6FD37F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:obApi.setCachedClickId("NoClickId")

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 419

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):752352
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.387475858669295
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:0j1qGVKhDVeJJIItrzO/cDbG5tB7W1/XHwya781ii7MQ4UdQojHQ2+OS7Ja2mMtK:A1qUKIpO/oG5tB7W1/XHwya781ii7MQV
                                                                                                                                                                                                                                                                                                                                                                                MD5:8747AD2E6B5EE4BB64D54B72551F943E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4C0865C2A2A055178FD15C8ECEBA2AB47554E538
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CEC9843DAC68608080FA6752E0F7C4390A85E7D1ACA1DEAEBE83929E7CE2E43C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:30851534D295B468868E3D34D14F10C504E9B9DC57796CD75554D8F2B1407FD8232810707FCF0E9AB6DDCC1195795DFEC6F4BF60DC9BD396DFD0C2E12E5A7A21
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:var __defProp=Object.defineProperty,__publicField=(e,t,o)=>(((e,t,o)=>{t in e?__defProp(e,t,{enumerable:!0,configurable:!0,writable:!0,value:o}):e[t]=o})(e,"symbol"!=typeof t?t+"":t,o),o);!function(e){function t(e){return null!==e&&"object"==typeof e&&"constructor"in e&&e.constructor===Object}function o(e,n){void 0===e&&(e={}),void 0===n&&(n={}),Object.keys(n).forEach((l=>{void 0===e[l]?e[l]=n[l]:t(n[l])&&t(e[l])&&Object.keys(n[l]).length>0&&o(e[l],n[l])}))}const n={body:{},addEventListener(){},removeEventListener(){},activeElement:{blur(){},nodeName:""},querySelector:()=>null,querySelectorAll:()=>[],getElementById:()=>null,createEvent:()=>({initEvent(){}}),createElement:()=>({children:[],childNodes:[],style:{},setAttribute(){},getElementsByTagName:()=>[]}),createElementNS:()=>({}),importNode:()=>null,location:{hash:"",host:"",hostname:"",href:"",origin:"",pathname:"",protocol:"",search:""}};function l(){const e="undefined"!=typeof document?document:{};return o(e,n),e}const r={document

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 420

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (11812)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.393291814188906
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:zbnLA5tmjHCR/UeHjXWb2pTOnstdo5CpcN0WqRObyAzJ3Nz:zbnLfjURHjXo2BtcC/Oby0J3Nz
                                                                                                                                                                                                                                                                                                                                                                                MD5:F31EB825873ADAC869D4729C192E9C39
                                                                                                                                                                                                                                                                                                                                                                                SHA1:653EA77822A384FAE27629FE72ECC8ABE28F538C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:17E35FDDCD5C236EEE53BE4CE71C9B4DA474CB64D52E43710E91B10850820547
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:55C43C1220E5C911430CDB4B63607AB65A40A88BB06BC66E5B912A6ACCDAAE8F8BCAC9833AF33C6DA7A9F6DE9586942D202EE49474BB3EBE873ABA84CEBCA2C2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://static.hotjar.com/c/hotjar-857043.js?sv=6
                                                                                                                                                                                                                                                                                                                                                                                Preview:window.hjSiteSettings = window.hjSiteSettings || {"site_id":857043,"rec_value":0.0,"state_change_listen_mode":"automatic_with_fragments","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":false,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":false,"suppress_location":false,"user_attributes_enabled":false,"legal_name":"CCleaner Official Site","privacy_policy_url":"https://www.ccleaner.com/about/privacy-policy","deferred_page_contents":[],"record_targeting_rules":[],"feedback_widgets":[],"heatmaps":[],"polls":[],"integrations":{"optimizely":{"tag_recordings":false},"abtasty":{"tag_recordings":false},"kissmetrics":{"send_user_id":false},"mixpanel":{"send_events":false},"unbounce":{"tag_recordings":false},"hubspot":{"enabled":false,"send_recordings":false,"send_surveys":false}},"features":["ask.popover_redesign","client_script.compression.pc","csq_the

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 421

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (37729)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):42235
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.373575757372754
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:1raZLPYGizQkgAmR5R2o/zCxWTK4IwmXBW6BDQsbZhkKEs5TV2Het5kOnjews2Or:VaZLPY7NqbzCx15fA6BDQslhkQ2+t5kL
                                                                                                                                                                                                                                                                                                                                                                                MD5:F0A83FEE9532B21BF8B2EBCDC890E465
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F3F15E91EAFC50775ABA773CF23E73F9C1C0B32A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9026A67296D01BA0FF65CBD645347D1A5D1DA35805E9CCDC31310E570EEFD3BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29475F9BAF9B36F8A4DDEF972F3CEADF416BCBBC827FF87D3C21674916EBEEE3AB4D647E47CE5A5CC3493FED8BD48CFA00E2CD9833595EB97E1D036D05B831AD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){function n(d){var g=[],a=[],f=function(c){for(var b={},e=0;e<z.length;e++){var h=z[e];if(h.Tag===c){b=h;break}var k=(r=h.Tag,t=x=l=void 0,l=-1!==(t=r).indexOf("http:")?t.replace("http:",""):t.replace("https:",""),-1!==(x=l.indexOf("?"))?l.replace(l.substring(x),""):l);if(c&&(-1!==c.indexOf(k)||-1!==h.Tag.indexOf(c))){b=h;break}}var r,l,x,t;return b}(d);return f.CategoryId&&(g=f.CategoryId),f.Vendor&&(a=f.Vendor.split(":")),!f.Tag&&D&&(a=g=function(c){var b=[],e=function(h){var k=document.createElement("a");.k.href=h;h=k.hostname.split(".");return-1!==h.indexOf("www")||2<h.length?h.slice(1).join("."):k.hostname}(c);y.some(function(h){return h===e})&&(b=["C0004"]);return b}(d)),{categoryIds:g,vsCatIds:a}}function A(d){return!d||!d.length||(d&&window.OptanonActiveGroups?d.every(function(g){return-1!==window.OptanonActiveGroups.indexOf(","+g+",")}):void 0)}function m(d,g){void 0===g&&(g=null);var a=window,f=a.OneTrust&&a.OneTrust.IsVendorServiceEnabled;a=f&&a.OneTrust.IsVendorS

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 422

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (32764)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):181987
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.366515041117068
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8JS2l9lK6uN9238uw+mU/kiPXFV8oFlsIp:8JSolK6uNg38uw+mU/pFVv1
                                                                                                                                                                                                                                                                                                                                                                                MD5:9FD89DE1A5B58327FF8BB7D91D552999
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EE30F93ECCE33118BDE04531A0FE83149DFD69EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8D78B3EE6B95A5E9F4F4A80775F72432AD0A68207A3A38890C9ED3E7E3809C17
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E6E36B9F958BDDFF4EC7892FD04B14E51FC8E24783B858D3B84699D404107F60D36AEB3959B1F32CB4CBDED9587093F6DBBD04877C2DB5945F199D34C502836D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://assets.adobedtm.com/b29989a14bed/fb232d48b52a/launch-6a58c8f8d4cd.min.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:// For license information, see `https://assets.adobedtm.com/b29989a14bed/fb232d48b52a/launch-6a58c8f8d4cd.js`..window._satellite=window._satellite||{},window._satellite.container={buildInfo:{minified:!0,buildDate:"2024-08-07T17:54:17Z",turbineBuildDate:"2023-02-22T20:37:26Z",turbineVersion:"27.5.0"},environment:{id:"EN8348818414d3457da014cac8b02fade1",stage:"production"},dataElements:{"Dynamic Adobe Library URL - HTTPS":{modulePath:"core/src/lib/dataElements/customCode.js",settings:{source:function(){return previewurl="https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/test/s_code_norton_min_preview.js",produrl="https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js",void 0!==_satellite&&void 0!==_satellite.environment&&"production"!=_satellite.environment.stage?previewurl:produrl}}},site_subsection:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.site_sub_section"}},site_language:{moduleP

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 423

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (5552)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):84191
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.374038726533203
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:RJeUwT76HXhpwPCHM9ZVK01QqSYTZ02LKVsdmpyKcicPXEjf:RIT7OXVs9ZVKBvYj8wKcHPG
                                                                                                                                                                                                                                                                                                                                                                                MD5:B89766C1A697179D91B09C9870A02183
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4563F2628FAD371D6466102B49F64FBFDC0B819D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5B2FEF19178344F4051DBD4736F4C9F4A774303846617CADD265D86323EA42C7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A677115483CE6D9C1FD12CC64749B77EA4D84D46F8C0C02E7FAD1CFD98AB31C8515823432BB37EAD849B9FA08CF712677A67F81B4F7486560B15634D1B704159
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 424

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (58876), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):58876
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.405683338218142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:buY9NdAkLYPFvFkxF94zPnSJpSFDKNo5/H:buQdApFoF94zPnSJpSFDP5/H
                                                                                                                                                                                                                                                                                                                                                                                MD5:4328E910DE583AD53B3A7A76455AF005
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E040010E5EF4121A3A163AACDC664D6AA4AFEC74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D4963B8AFEBFA0063B5D17B4C80F49BCE702A37EA5C9B91BB3C996BB9DEA4B60
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F807BA8B0AE2D5387E93E292918EEB4D7D1AC7635566A38EE2E101FBE8A7C6C23E704770EFCB1401EB5D1385605CBFB15F0A840AC150770049D2A4D6CA9A0DFA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){var t={6173:function(t,e,n){var r;t.exports=(r=r||function(t,e){var r;if("undefined"!=typeof window&&window.crypto&&(r=window.crypto),"undefined"!=typeof self&&self.crypto&&(r=self.crypto),"undefined"!=typeof globalThis&&globalThis.crypto&&(r=globalThis.crypto),!r&&"undefined"!=typeof window&&window.msCrypto&&(r=window.msCrypto),!r&&void 0!==n.g&&n.g.crypto&&(r=n.g.crypto),!r)try{r=n(2480)}catch(t){}var i=function(){if(r){if("function"==typeof r.getRandomValues)try{return r.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof r.randomBytes)try{return r.randomBytes(4).readInt32LE()}catch(t){}}throw new Error("Native crypto module could not be used to get secure random number.")},o=Object.create||function(){function t(){}return function(e){var n;return t.prototype=e,n=new t,t.prototype=null,n}}(),a={},c=a.lib={},u=c.Base={extend:function(t){var e=o(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 425

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Web Open Font Format (Version 2), TrueType, length 18536, version 1.0
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):18536
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.986571198050597
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:IhocXmE6eM871P7td/mcOKA454H2orQEONKrOqxw:f6WeL1P//9D54WCCKc
                                                                                                                                                                                                                                                                                                                                                                                MD5:8EFF0B8045FD1959E117F85654AE7770
                                                                                                                                                                                                                                                                                                                                                                                SHA1:227FEE13CEB7C410B5C0BB8000258B6643CB6255
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:89978E658E840B927DDDB5CB3A835C7D8526ECE79933BD9F3096B301FE1A8571
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2E4FB65CAAB06F02E341E9BA4FB217D682338881DABA3518A0DF8DF724E0496E1AF613DB8E2F65B42B9E82703BA58916B5F5ABB68C807C78A88577030A6C2058
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2
                                                                                                                                                                                                                                                                                                                                                                                Preview:wOF2......Hh..........H..............................Z..|.`..J.T..<.....H..U..Z...x.6.$..0. ..t. ..I....p.0.VU.......1....AQ...d..x.....R..4.-.c..C$fUc.c..IX..@..~g.xs.....%...O...eJ.w..U.|.......%*..{.......U+..T#.S......`.n.....V.w.4..~P"..zk.%..../........=3...F.........V.FL..;Bc.........A.Uk.U1.b!Y.BH.DL...s.s...F.m.9a..GJ..1..#.`*m5..DI..X5#.........B.Akm.....&..0...{.L.....G......-(.......O4.@3....=......f..l...$.....j..NO...e.Y.tJ2J>F.(.c....08..e...~....D2S7s:.G'Gm........!.7.........r.c.`,.....~.).......c>1.......Y.g2^...T-1.7./r./....>...g.ov@u.?.U.+._...'M..,.,g....!g..9."..yBF.#r+.Ps...%.d=....U...5.b.$:`.4R.II.<A....Q)....e...k.....M.8.z....+.....5}..F........F.d._...].~-](.Lf....Y..W....;-z...;. .@x._v../.%UIm....=s...P.C....G...^..Q.!g.!b._.P....at..?.}....t.z...O(..Y6..R.2.X....k.R..K.gw(.F.K?m..R*...7....dj..7. .r.U..be.4......8.].w.B..B......Y..:..8.N..U...NEm...\.^q..f}.......{..6.". ...y-.Y...N.*+.M E..`......R.$T

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 426

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):715
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.483239176067502
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trCv0uXM65rVP7EUDYwdPytQJuIMrG6gBMfCXjjmCh63IEKn:tuv0uXMMrFEUDYwdPzMBgawjjmCh6YEM
                                                                                                                                                                                                                                                                                                                                                                                MD5:2840415F6784A17C0C7FE8AA7A5BF22C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BD2C49AE9EFB86AD4D6F3D31F57C552ADEB0E07A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A21F9654466882A459CAF9270BE5150855FCA208C9969F140D4FBEC41B2A8D86
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:59A696E893ABCCE4DE0928E85D14EE49EBB43A7D3948D8014FD4C916B913EEF0C569B4FC1CF2FCCC85B7E580F659E622A9795FCA083467896DB09122014EFDE9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/14wn2zg2/language-select.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M6.94141 14.8389V12.5H5.44141V10.5C5.38659 10.4452 5.24658 10.3114 5.04798 10.1217C4.25862 9.36765 2.54354 7.72927 1.57201 6.64726C1.48631 7.08494 1.44141 7.53722 1.44141 8C1.44141 11.3511 3.79622 14.1522 6.94141 14.8389ZM12.772 2.5H10.4414V4.5H6.94141V6.5H4.94141V7.5H10.4414V10.5H12.4414V13.7453C14.2549 12.4804 15.4414 10.3787 15.4414 8C15.4414 5.76904 14.3977 3.78183 12.772 2.5ZM16.4414 8C16.4414 12.4183 12.8597 16 8.44141 16C4.02313 16 0.441406 12.4183 0.441406 8C0.441406 3.58172 4.02313 0 8.44141 0C12.8597 0 16.4414 3.58172 16.4414 8Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 427

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (8065)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9888
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.489849998921756
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:pIUrpupNyxauPY5NGh64rHfbDlOZCTbKTPsGDzY037P2Mu0RLl7s:fYyxg5gRTjDKCTbKTPsGDzPLP2Mu0k
                                                                                                                                                                                                                                                                                                                                                                                MD5:0444AFA35778412DF0931198D1D6A7A1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4114123B48A255F93C664271C337AFA4F3A30FBF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:32A75C69013A3DA5ADA7D85C52ED4AF588BB7D6EFED1F7DD792DA7CE0DB5DAAF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:94FA0094386049AFD5E1FDB17783C571AC018006108EB43BF70985D69FAC1A7D8F177520ED25EEE9765A69F066B18340E70570CAF25071148AAC5CB17AA00180
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_4I1jhjmxub1NC6y
                                                                                                                                                                                                                                                                                                                                                                                Preview:(function () {. if (typeof window.QSI === 'undefined'){. window.QSI = {};. }.. var tempQSIConfig = {"hostedJSLocation":"https://siteintercept.qualtrics.com/dxjsmodule/","baseURL":"https://siteintercept.qualtrics.com","surveyTakingBaseURL":"https://s.qualtrics.com/spoke/all/jam","BrandTier":null,"zoneId":"ZN_4I1jhjmxub1NC6y"};.. // If QSI.config is defined in snippet, merge with QSIConfig from orchestrator-handler.. if (typeof window.QSI.config !== 'undefined' && typeof window.QSI.config === 'object') {. // This merges the user defined QSI.config with the handler defined QSIConfig. // If both objects have a property with the same name,. // then the second object property overwrites the first.. for (var attrname in tempQSIConfig) { window.QSI.config[attrname] = tempQSIConfig[attrname]; }. } else {. window.QSI.config = tempQSIConfig;. }.. window.QSI.shouldStripQueryParamsInQLoc = false;.})();../*@preserve.***Version 2.19.0*

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 428

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (16769)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):402603
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.652030099324565
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:h4XGggMX/iOG90nPmPL97aBJDMfgQJ7AObvx0/awO:6XPt6OnPmR7V1Z
                                                                                                                                                                                                                                                                                                                                                                                MD5:48D72F0A3ECA401047B1BFA0695CA44B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F0C64F055488BC1ECB05E9BF8C00955C9482E7DA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:84A423E17BB8C2F8042D8531689510FD07648618849394F1800A8EEA284F8072
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:0AAA9A04FCBD337FD7230130E63A12BCF8A030D8EF13A23F0E9A28AF2F1B5A4C0B72B2D4E818F9B0858ECCCDC7E37F91CD68F8BD560FD2BC4B3F58454039AC55
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cps","priority":14,"vtp_cpsMode":"ALL","tag_id":106},{"function":"__ogt_dma","priority":14,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":108},{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTO

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 429

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (29146)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):363151
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.583362274165507
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:oQbt29MXMiO60rPmPx27iDmoMfgQJoc5vd:dbt2j3rPm07Nb
                                                                                                                                                                                                                                                                                                                                                                                MD5:AB8307D81489C4D11F0015A0C091A30F
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E500AF27559409F08A884F7A0A0F299CA5C2BF1E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9532B0573BBC061608F4FFE39B9F1FB0300E446E71430E255EEE5F1AF3864F48
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:25F4FDCF377881ACAA5DFB5945FB249026D525C19BEAA33E5F5A840BE246A17EE7FB298024FB5F9FE7CB6FFD42C929078466226E748025CB7978680337AA8FD2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/gtm.js?id=GTM-KFXRTR
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"267",. . "macros":[{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__e"},{"function":"__v","vtp_name":"gtm.element","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__jsm","vtp_javascript":["template","(function(){return window.doNotTrack||navigator.doNotTrack||navigator.msDoNotTrack||\"msTrackingProtectionEnabled\"in window.external?\"1\"==window.doNotTrack||\"yes\"==navigator.doNotTrack||\"1\"==navigator.doNotTrack||\"1\"==navigator.msDoNotTrack||window.external.msTrackingProtectionEnabled()?\"1\":\"0\":\"0\"})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmpty

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 430

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5194
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.976628767895142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:mD6VAMcWnVRSNUrN3Sky4gNeLSYiJ7iFsAkl2+heNm7iprXbep5DkoG23b+WYYY:p9bSNURZyNNnRJqsAehheImprmDkozYV
                                                                                                                                                                                                                                                                                                                                                                                MD5:63E737D3544164D2B7F4FBCA416AC807
                                                                                                                                                                                                                                                                                                                                                                                SHA1:030370AA38715E4C41589633F69D0BFE8255D46C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 431

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):606
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.624397753968009
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trrtmUuXM65e2UllEifhIF/3XBpGaGUQ8OF4kbgLcaopgz+QcqcREKn:tHtmUuXMMXU7ffhIfXBTOTaEgkVEKn
                                                                                                                                                                                                                                                                                                                                                                                MD5:E1B9144DD4E58EDCFC73490FB96A61ED
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7DE0904DB680137F12F230F2462E45A12CB8B987
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C9D667E06BDE7AC671D661BB9AEC8FDC0285E1218AACC9F453CAB2A3AEDA25A7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34CE77047EA8F1A309C3E93259C35ABA1F660971E32C702AB99260058AD5719A03CEADD8787C6FAA0305BB28DF0F6A021D25F4A6B70358C8E919EAD78B294E15
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/11yjynor/youtube.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="27" height="19" viewBox="0 0 27 19" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M0.351562 6.14751C0.351562 3.18609 2.51307 0.671109 5.46184 0.397679C7.74395 0.186067 10.5478 0 13.3516 0C16.1554 0 18.9592 0.186067 21.2413 0.397679C24.1901 0.671109 26.3516 3.18609 26.3516 6.14751V12.8525C26.3516 15.8139 24.1901 18.3289 21.2413 18.6023C18.9592 18.8139 16.1554 19 13.3516 19C10.5478 19 7.74395 18.8139 5.46184 18.6023C2.51306 18.3289 0.351562 15.8139 0.351562 12.8525V6.14751ZM10.3516 13V6L17.3516 9.50048L10.3516 13Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 432

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (31295), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):31295
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.420218989614015
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:8c+nkQPRXpV6U/iDS2i3K7vsjZ6r4wZm2t:8gcpV6UCv66k+m2t
                                                                                                                                                                                                                                                                                                                                                                                MD5:6D3071E7937674C226546116C276CFEC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0DC3BEA9140A59C19937E5C07F00B9ACAC0B0DBD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E37DCB6F734D00D75A25FBF066E04283DBC5167FEF68C8BFF5E0977B83A3F3AD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:50B5D99264FCD3AFB0D433DBFB8D2CEAF9EA028913D8DCF3C095ADFB18A78A1C2635DE38699728FD6E54103EC3EE76494A94FD06AEC7FB4220F38AC15CE34986
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={865:(e,t)=>{var n,r;t.__esModule=!0,t.LOG_TYPES=t.CONTENT_TYPE=t.Zone=t.GDPR_PURPOSE_CONSENTS=t.HAS_CONSENT_EVENT=t.CONSENT_HANDLER_URL=t.VERSION=void 0,t.VERSION="2.0.5",t.CONSENT_HANDLER_URL="https://my.outbrain.com/mtConsentHandlet/handler",t.HAS_CONSENT_EVENT="has_concent_event",t.GDPR_PURPOSE_CONSENTS=[1,3,4],(r=t.Zone||(t.Zone={})).Default="all",r.EuZone1="euZone1",r.EuZone2="euZone2",(t.CONTENT_TYPE||(t.CONTENT_TYPE={})).Product="product",(n=t.LOG_TYPES||(t.LOG_TYPES={})).Log="log",n.Warning="warning",n.Info="info",n.Error="error"},920:(e,t,n)=>{t.__esModule=!0;var r=n(865);t.default={zone:r.Zone.Default}},778:(e,t)=>{t.__esModule=!0,t.USE_FETCH_WITH_ATTRIBUTION_SRC=t.SEND_BEACON_SUPPORT=t.VERSION_NAME=t.API_NAME=t.GDPR_CALL_ID=t.GDPR_VENDOR_NAME=t.GDPR_VENDOR_ID=t.DOMAIN_URL_PARAMETER_NAME=t.NO_CLICK_ID_COOKIE_NAME=t.VARIATIONS_COOKIE_NAME=t.CLICK_ID_COOKIE_NAME=t.CLICK_ID_URL_PARAM=t.CLICK_ID_PIXEL_URL_PARAM=t.PAGE_VIEW_NAME=t.BASE_URL=void 0,t.BASE_U

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 433

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):484
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.869845660919293
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trZn1ruXM65ZxmKiRFj+XGpZ9qm6GcYvEKn:tZ1ruXMMZx3GRoG996GcYvEKn
                                                                                                                                                                                                                                                                                                                                                                                MD5:275FD8570BD9EC9882AB3003F1945C97
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5C067FA58D5610A2A34EF3CC518BB9AF261C237B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CE1C79B208ABA80E5814AEC16BCE506BF0A1F1E79E0687999DE32BA1D42A934B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1C0453ECA5EFE458EBB81F1A3908E7E7740A4FD4CCA112E448720CD03AA5A12E57498B0AE7B9E2184CD2B6B5B0873778AEBC9F72DE6492BB3BE631FB3739110E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/k3jjgaj0/facebook.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="9" height="18" viewBox="0 0 9 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M8.57544 9.34668H5.85951V18H1.86785V9.34668H0V6.04668H1.86785V3.89568C1.7963 2.83151 2.20584 1.78999 2.98918 1.04392C3.77252 0.297854 4.85162 -0.0784152 5.9438 0.0136756H8.91571V3.23468H6.79292C6.54932 3.22473 6.31375 3.32043 6.14978 3.49596C5.98582 3.67149 5.91037 3.90874 5.9438 4.14368V6.04368H9L8.57544 9.34668Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 434

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (33615)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):33616
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.413721726762077
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:EbuqqwM9iRD91mDdP/6Lf9nafTAVZxp1Z7s:EbuTiRB1m2a8VZxpro
                                                                                                                                                                                                                                                                                                                                                                                MD5:FA0660A8882E303688049086E6201CBE
                                                                                                                                                                                                                                                                                                                                                                                SHA1:163A8A8481E067A40D4FFC0815F92684B45BD3AB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:240530CD560BF994EBC14EABF67AA7B0413487CACC7AE1D1E29306243D87672B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7370B394B4F0360238498C7E9F31F582B45BB67A19E6CB811DF1D07D63FC31E6B1142E85F2445E5C1807A9BC0930346B1025F377695DA84321484267DB54CAB0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://c5.adalyser.com/adalyser.js?cid=ccleaner
                                                                                                                                                                                                                                                                                                                                                                                Preview:var adalyserModules=trackerCore;adalyserModules.AdalyserTracker=function(e,r){var t=window;mutState={outQueues:[],bufferFlushers:[],expireDateTime:null,hasLoaded:false,registeredOnLoadHandlers:[]};function n(){var e;adalyserModules.helpers.forEach(mutState.bufferFlushers,function(e){e()});if(mutState.expireDateTime){do{e=new Date;if(adalyserModules.helpers.filter(mutState.outQueues,function(e){return e.length>0}).length===0){break}}while(e.getTime()<mutState.expireDateTime)}}t.AdalyserTracker={};adalyserModules.helpers.addEventListener(t,"beforeunload",n,false);return new adalyserModules.InQueueManager(e,mutState,r)};adalyserModules.InQueueManager=function(e,r,t){var n;function a(){if(adalyserModules.isBot(navigator.userAgent)){return}for(var e=0;e<arguments.length;e+=1){var r=arguments[e];var t=Array.prototype.shift.call(r);if(typeof t=="function"){t.apply(r);continue}if(t==="create"){o(r[0]);continue}n[t].apply(n[t],r)}}function o(e){e=e||{};if(!n){n=new adalyserModules.Tracker(t,r,e

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 435

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:HTML document, Unicode text, UTF-8 text, with very long lines (12724), with CRLF, LF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):33303
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.969439124756335
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:L6zFM3XbPzUgzoxhLk2p6RSVUzPhguRX0C:acYgAheSVUzPiuRD
                                                                                                                                                                                                                                                                                                                                                                                MD5:305F8CE187EC5BA309B98BCA25DF1139
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3767A5AC07D4003479BD5E3A39E19220ECA793A3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7006D150006CAC310B7E1C88DAF8FEA803D65B77D2519AEC556A5375ED199530
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7EE0997C887CF7CBAF589D23E5876BBBED2FBE41E74647AED0D2BE32346EAFAA6D84F0A1FF06B9EDFDAFC75D73DB1EE7AE8CA418C9890B9072E1B2C3EB776BCE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.ccleaner.com/knowledge/ccleaner-v6-30-11385?cv=v6-30-11385
                                                                                                                                                                                                                                                                                                                                                                                Preview:<!DOCTYPE html>..<html lang="en" id="3610eadb-24d3-4232-b15f-664e6441c60d">...<head prefix="og: http://ogp.me/ns# fb: http://ogp.me/ns/fb#">.. <title>CCleaner v6.30.11385</title>..<meta name="description" content="With CCleaner v6.30, we.ve launched Cloud Drive Cleaner out of Beta, now supporting Microsoft OneDrive. We.ve also enhanced Software Updater and optimized our app.s browser cleaning capabilities." />..<meta name="keywords" content="" />..<meta charset="utf-8">..<meta http-equiv="x-ua-compatible" content="ie=edge">..<meta name="viewport" content="width=device-width,initial-scale=1">..<meta name="verify-v1" content="CL5YHvlJYGfQ8xfzQT4NsvEV8U1LSKl/CcjVhtu6fkc=">..<meta name="google-site-verification" content="ml6x5QoEjuCGEjr6qZ9blR4xB6cBhkAxJGIklPS-AUA" />..<meta name="yandex-verification" content="143f1ada0d65b688" />..<meta name="msvalidate.01" content="58F45429DA19750179D01C6923E41A6F" />....<meta name="theme-color" content="#ffffff">..<link rel="apple-touch-ico

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 436

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):16
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.577819531114783
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:HAOfaY:gOfaY
                                                                                                                                                                                                                                                                                                                                                                                MD5:4C8A26E14EDABDD7D6BFBF1472AFC853
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F268C3DB54608F753ED9320CB2411B00A40C8D65
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B9224CA870B658AB694ECED1FBB07A971FCE7D0C990E50046929E9968BAF435C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:820B85A739953E8A71E89FEB45BBFB01E2D2F8977D30B0AB11BED28A7CA2B0365595AA7074A3A9780C8DE95E0C8DE839B5C390519F5238E8435F44736CDD497F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAlcgVaXlVaJtRIFDaWTNiQ=?alt=proto
                                                                                                                                                                                                                                                                                                                                                                                Preview:CgkKBw2lkzYkGgA=

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 437

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):23195
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.804427569982273
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:x0BiqK3Jr1SnBbavSjm/i2tOIQWzyJF9MJ/Q+dWAOlY6KYs7JHXBIb:x2iqK3Jr1+B+vSjm/iuOIZyxiWyXBIb
                                                                                                                                                                                                                                                                                                                                                                                MD5:7550EB590645242C45B8381F44966BF1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:49813968647CF74A33DBCDC46D7C07C718829364
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:163EE2A45293A440048729DBEFCD443BE4E26FB0EFFF60A3196B524819008A9F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DAD4C2F69BF759B333E5D57A13E71453AAF972E7B0565C3179865C14A8B6F3CBF0F7887BAF87CF6BC54A063050BEB8F037578E21E99ABB332090F329A4DF3728
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/dwyjyifw/ccleaner.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="407" height="100" viewBox="0 0 407 100" fill="none" xmlns="http://www.w3.org/2000/svg">.<g clip-path="url(#clip0_1428_1730)">.<path d="M149.025 74.0105C145.907 74.0105 143.033 73.437 140.401 72.2899C137.769 71.1429 135.482 69.5861 133.538 67.6197C131.635 65.6124 130.137 63.2568 129.044 60.553C127.951 57.8492 127.404 54.9611 127.404 51.8886V51.7657C127.404 48.6932 127.931 45.8255 128.983 43.1627C130.076 40.4589 131.595 38.1033 133.538 36.0959C135.482 34.0476 137.789 32.4499 140.462 31.3028C143.134 30.1148 146.089 29.5208 149.328 29.5208C151.272 29.5208 153.033 29.6846 154.612 30.0124C156.232 30.3401 157.709 30.8112 159.045 31.4257C160.382 31.9993 161.616 32.6957 162.75 33.515C163.884 34.3344 164.957 35.2356 165.969 36.2188L161.171 41.8108C159.471 40.2131 157.669 38.9226 155.766 37.9394C153.863 36.9562 151.697 36.4646 149.268 36.4646C147.243 36.4646 145.361 36.8743 143.62 37.6936C141.919 38.472 140.441 39.5576 139.186 40.9505C137.931 42.3024 136.959 43.9001 136.271 45.7436C13

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 438

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):8
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.5
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:x:x
                                                                                                                                                                                                                                                                                                                                                                                MD5:402E7A087747CB56C718BDE84651F96A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7CE01F6381463362CF6AEF2F843A59261E8F5587
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:662EFAF46C617DDBCB8FF4A2A8F64CFFD3D93630F1003F8E66511F369B87730F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5080D776D0B123F20E97D44472EF2343BC022105AA67FC802B71668BAEB74A81530355589D50B1142165D17EF995AEAC196B6C15136D518A1EC0ABFA13C91D10
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:Success!

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 439

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 76 x 62, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4922
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.954251681986302
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:HSCfkqa4GD/qXHzHPScjMXPiIhVafV6tnkHBIrvhqvUl7iUFahjVgeV+t0OZ9sx1:HSYOPDqHzHPVGqIvafwSHujAoOUFaYeL
                                                                                                                                                                                                                                                                                                                                                                                MD5:D42DDB89DC000BFC6BB752E25D9E5BEA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:716579BF2DBAA96F0BFB5CB0FF730E007F112539
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0625658ED9F7032B0BEFA68A51A0C6675A0E26451D86017CC4AE1AE20DA0F21D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B7212D1DA761DC85516469D42CB06893C6742C1DE01F81A1887C49BD808134F23DACE4D6254D8B7D47463E6D7DD9EB9679CDC8D70B49611240073C80FCB2440B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/f4hh14un/group-1569.png
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...L...>......}......pHYs.................sRGB.........gAMA......a.....IDATx..\.p..y....l..)....@mb.....n..@...eZ....d...4..4.iCh..i...43.LJ...S^1`Zl\...~.lYo.JW.w.{..9g_.!].>2.=G.{..y|...^.?.Y..G@-.{b..g....y....F..a....>.iZ.4.I...lm....}.....@....~7.F&rcN.}..3.fd.m...h..6. .0....d..T........|.n...`..cF.2Y.BxH..a.aI.7..?L.qnO..CT....s...F..`..{r.}..[`.K...[..n...,*.LN.....y....N.A.f.f.Oj.*l.!.(.i.....0.6h..H<k.q.`u........v.A....$.{X.........D...W.y..J..?...W....Y....H.-..4&..@k.`..4-2.#.A...L....4....x......R.(8.~$.....<iH...Mt....t..?.J.~..+@.sU.L..C...f..zU...O:..`C...c(....`...jH+. .~.....GM..*p..o.9.b....9..wO].....{.=.IcX..b.. {".<...o..By..H....7...K..G..@b...+..X..*..j)..INO..B......i.......q....=t.......u.==.....|l.2.....`..H....;..)...8.E.K......5p..w...Sh<..9..;..u...$qi ....$.]..%.8t|.O>{.u.0.-.....0,O.....w...0..I.Bqy..._....b..4(,\YHq.\%d.....;..z..n.O.'D/...>..e...k......b....q>_0y4k.h...%...n...._.zU.}....M.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 440

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):35
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.2430101595548555
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:KQCZAK+uP:K9GruP
                                                                                                                                                                                                                                                                                                                                                                                MD5:75C843C7B717E7B722777907475C67A3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:983D1C9A05B315288039B9D4694CE3B402259240
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1D348F9F803C95305F63DEF9D75FD50E79E54A375E1A4A888EDBBEA366845580
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:41F58C029586198B0F5E7AB6D2CC1EDEB113184F82C8ADFFC81F0E229FF5CE44CC9AABB8BDA82F923984A3CFE5E42C68EF2F4620FF94AE0B1809B03B9A6FD37F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://tr.outbrain.com/cachedClickId?marketerId=001ac0827d67b7b38319c9517e7fa2f4cc
                                                                                                                                                                                                                                                                                                                                                                                Preview:obApi.setCachedClickId("NoClickId")

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 441

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):230844
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.203439131867488
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:AOldnEYDjCvJCRCcNrPfOh3AKZB2T8Lrlm7QB3guWfBZoZrFzYzVv7hknkDZ5fQg:/lVEACRCRCcNZOFzYDknkrxTYAfzr7B
                                                                                                                                                                                                                                                                                                                                                                                MD5:714430328B6BF6103B0759FDA7017EE9
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CA1B6BDE7C34787C2759EE01CF3BA4D7B9CD6BED
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8DDB8B71BC551694ACC6699DD73D08EA8E8A0B39312B085C249AA8343CD0C683
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C91F560AC9F7C25717E3313161D0B351AB10A0AF232E6008C26C62A777D570D4A3A309F5F5AF55E42E75CE294D888A5B5895CDC7006241AB3BE72B113D83B8F6
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/consent/831b8ee0-e952-49a5-af6b-01382c722774/01912753-8c21-7a17-883f-0a91a4e5ae8b/en.json
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","pccloseButtonType":"Icon","MainText":"Privacy preference center","MainInfoText":"By clicking \"Accept All\" you allow cookies that improve your experience on our site, help us analyze site performance and usage, and enable us to show relevant marketing content. You can manage cookie settings below. By clicking .Confirm Selection. you agree with the current settings. See","AboutText":"Cookies policy","AboutCookiesText":"Your Privacy","ConfirmText":"Accept All","AllowAllText":"Save Settings","CookiesUsedText":"Cookies used","CookiesDescText":"Description","AboutLink":"https://www.ccleaner.com/about/cookies-policy","ActiveText":"Active","AlwaysActiveText":"Always Active","AlwaysInactiveText":"Always Inactive","PCShowAlwaysActiveToggle":true,"AlertNoticeText":"By clicking \"OK\" you allow

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 442

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 132x132, components 3
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9878
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.9403680892771185
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:Q6PcNYBV4lgfBo9LAuRU8hT7ut5lmgAVABpYvhKzzAS:Q6PWYLLfOLAui8hXHGDVIS
                                                                                                                                                                                                                                                                                                                                                                                MD5:7895CB1F002CBE6FEFE3535878A3D9C3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9BEC6812D6B968CF4BBCE4CCDE8F0A969DE6BE74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B8F3F81E29101C6A7EAB759A4A681298F3DDA8A99CB2459B32C40EE658E0D720
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7D176C21C83AC715C7BCAE0C16CC4989834F0C1CC1FED02FF2FF88B937282D27957129FFF9ED1CA66971985A2870716A68071DA2CF83522545D9657404705849
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:......Exif..II*.................Ducky.......U......Adobe.d.................................................................................................................................................................................................................................................!..1...AQ".a2#.q.....B3$.Rb.....r.C.%E).......................!1...AQ.".aq.2.B#......3C$.............?..s.ZMi..8.....&Q.COm...m_D..`.d2.T.R..l..<..)s(e..Q.N."X....n.KvaAM.R.<.p..9Q.Q.U(..[...'.'....a..C..8.IY.NV\!.c...AI&.#.~..K...'!..~.O$.Y.MVA"?.....YY.......%z..K...G.....4E...HH.t...V...m(:..1...A.]..E......?...@.S.......p.&...YC....]2....d...u...s.#.O!.ct;.W.......I.*1...*Q.q....6E....2.09...Q..y....S.......$]e{..iuv.s..G(.<yVD.......ci3.\.HW.B.........P.;.5)..@.B>e..q;N_ .-.e.c.%&.9TCkXB...CiY?.t.........+....V...Vfg[.S. ..2.......f)Y.+..4vV./.BcTT...8..V.'5.Ci+...Rc..!!`...G..8.8b.'..x?.m;Lu2.d..\+J.$....i......u..Y,...t.c(...6E........!.A.}V.n...........

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 443

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):752352
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.387475858669295
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12288:0j1qGVKhDVeJJIItrzO/cDbG5tB7W1/XHwya781ii7MQ4UdQojHQ2+OS7Ja2mMtK:A1qUKIpO/oG5tB7W1/XHwya781ii7MQV
                                                                                                                                                                                                                                                                                                                                                                                MD5:8747AD2E6B5EE4BB64D54B72551F943E
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4C0865C2A2A055178FD15C8ECEBA2AB47554E538
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CEC9843DAC68608080FA6752E0F7C4390A85E7D1ACA1DEAEBE83929E7CE2E43C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:30851534D295B468868E3D34D14F10C504E9B9DC57796CD75554D8F2B1407FD8232810707FCF0E9AB6DDCC1195795DFEC6F4BF60DC9BD396DFD0C2E12E5A7A21
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.ccleaner.com/dist/uiv2/apiary-ui.iife.js?v=1.0.123
                                                                                                                                                                                                                                                                                                                                                                                Preview:var __defProp=Object.defineProperty,__publicField=(e,t,o)=>(((e,t,o)=>{t in e?__defProp(e,t,{enumerable:!0,configurable:!0,writable:!0,value:o}):e[t]=o})(e,"symbol"!=typeof t?t+"":t,o),o);!function(e){function t(e){return null!==e&&"object"==typeof e&&"constructor"in e&&e.constructor===Object}function o(e,n){void 0===e&&(e={}),void 0===n&&(n={}),Object.keys(n).forEach((l=>{void 0===e[l]?e[l]=n[l]:t(n[l])&&t(e[l])&&Object.keys(n[l]).length>0&&o(e[l],n[l])}))}const n={body:{},addEventListener(){},removeEventListener(){},activeElement:{blur(){},nodeName:""},querySelector:()=>null,querySelectorAll:()=>[],getElementById:()=>null,createEvent:()=>({initEvent(){}}),createElement:()=>({children:[],childNodes:[],style:{},setAttribute(){},getElementsByTagName:()=>[]}),createElementNS:()=>({}),importNode:()=>null,location:{hash:"",host:"",hostname:"",href:"",origin:"",pathname:"",protocol:"",search:""}};function l(){const e="undefined"!=typeof document?document:{};return o(e,n),e}const r={document

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 444

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (16769)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):402629
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.652082301436153
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:h4XGggMX/iOG90vPmPL97aBJDMfgQJWAObvx0/awW:6XPt6OvPmR7G1B
                                                                                                                                                                                                                                                                                                                                                                                MD5:5C258420DCFAB6B703AD6CB6606B7B52
                                                                                                                                                                                                                                                                                                                                                                                SHA1:14152B39C1BD6B659C309C79FD1E62760001E3CE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D55169BEE7626DF5E3397D99B6E504440E9818E72CA6FACB7B15FEDC3402F037
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5BCDBC98980BF7137FEB7E3F2F12714624A23D30C7143298E1F6F8E2C1AEFF1F8F89558FC4961C12DA62F6F64984843CDA317E885EA7BA517437A0BCFF2C1FFA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/gtag/js?id=G-YG64G9XX0R&l=sdl&cx=c&gtm=45He4bk0v9132702579za200
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cps","priority":14,"vtp_cpsMode":"ALL","tag_id":106},{"function":"__ogt_dma","priority":14,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":108},{"function":"__ogt_1p_data_v2","priority":14,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTO

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 445

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Web Open Font Format (Version 2), TrueType, length 18596, version 1.0
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):18596
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.988788312296589
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:h5D5WUhNanar/Z19V6iGCYIqoPfHwfr13GPgqbrxremyFKKWB:h/NaOrBGCYIBPfQD1xqPhl
                                                                                                                                                                                                                                                                                                                                                                                MD5:C83E4437A53D7F849F9D32DF3D6B68F3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FABEA5AD92ED3E2431659B02E7624DF30D0C6BBC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D9BADA3A44BB2FFA66DEC5CC781CAFC9EF17ED876CD9B0C5F7EF18228B63CEBB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C2CA1630F7229DD2DEC37E0722F769DD94FD115EEFA8EEBA40F9BB09E4FDAB7CC7D15F3DEEA23F50911FEAE22BAE96341A5BACA20B59C7982CAF7A91A51E152F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
                                                                                                                                                                                                                                                                                                                                                                                Preview:wOF2......H...........H=................................|.`..J.H..<........>..Z...x.6.$..0. ..~. ..)...%.m..t.D<...U.c....D....@........@e..a..R./<...p..q..q....S<.nm...X..(ER....e.....O.?Q_..FYH......ml.E..?;X0>.f.Y.,.n.a...._h8c.006U.cS..3.m.Or..I9..5.;.=..'!..c.O...W.K..f....k..&Xq..Y?.r...%.S..y.:q*.......u*D.d.R..'..Q,L.... e`..=?.{...e%{.....3+$.....NkF2...... ._}..2]....,.F.u.S4O.~w).G..../]}6.nVwKj.h@........5.7P....i..r........U?.........q..Cm......g...\.zu.....P..|....5G$...4k$..L..g..".y..?..6...O...e..@..0TYh..v........M.....#B...O.i.G$.Bq..m.A.s~...A...c.....25K.....B..<..w.A....G.O...A......A,y"q....q<....N..{Ta..!.|vzo.;9.5>.>....7I.i.Ld.4..y...].g.....'m_(...O-..}.K.(....R..2.q.z9.D..]..$.#$.:x..:{..m.OF...K[J. ......lpH.#%V....4.;l.<..J.6.T..a...I..|..zj.k.-...y...#..e.1,s....<.HX.....z{L....'.$. "..tY..m.<.\8P. a.......x.W\.b.%...RA.\.... M.......v1......#...............`.c..%.Nc.d.qP.68....$<.O.S_7...U.].jn>@.3.c..wO..>.>a.qg....\..kb.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 446

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):51385
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.293328685395304
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:IaOFhhRC5JFhLjfRysgLzQynDw5YyDMFW8KQ:IaOFnR2DRszQKaoWtQ
                                                                                                                                                                                                                                                                                                                                                                                MD5:6626C1362840EBFC8F48294E8F023E18
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4EC0DFB37C3E536C1B5EC04B68C9846FDBAF9EEF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AABC88A6DB8B22022F96CA88E4F0A7BE426ABEF2B35169A71515A2D55246402A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B037A19B52C1047198EC7F19E99066054E454964380E2354239834260D11248E617D6759B944DDF39A25B883C8F430603D8E13097396E2DEDA9BB6905C1CD42A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://bat.bing.com/bat.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"||o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 447

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9507
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3592270038592424
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:ebkfPUyAQgtNBIWguxw68uCItctpwfTh3fYwuoOE5YBTi+1POyj/0Pp5b5LfvEf0:PSN9cO51r
                                                                                                                                                                                                                                                                                                                                                                                MD5:4D67D7FCE83E8D073C84E4D5B5936E71
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E02711957EA1C637BE41485526C65E4B56C55FD3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1DA25CF82F065474AADCE40A8C7369F6DF48E1847CB95C21BD9083488EFF7390
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1E9D7565BEF92D1C2DA126245D6392176D29A4BE7F1B4623FB367B4C345AA5381EB9022ECD3317CC946B48E2AF89073C80EDCEE0FC121073C88643B191D8E4D0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/otCenterRounded.json
                                                                                                                                                                                                                                                                                                                                                                                Preview:. {. "name": "otCenterRounded",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90Q2VudGVyUm91bmRlZCI+PGRpdiBjbGFzcz0ib3Qtc2RrLWNvbnRhaW5lciIgcm9sZT0iYWxlcnRkaWFsb2ciIGFyaWEtZGVzY3JpYmVkYnk9Im9uZXRydXN0LXBvbGljeS10ZXh0Ij48ZGl2IGNsYXNzPSJvdC1zZGstcm93Ij48ZGl2IGlkPSJvbmV0cnVzdC1ncm91cC1jb250YWluZXIiIGNsYXNzPSJvdC1zZGstdHdlbHZlIG90LXNkay1jb2x1bW5zIj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3kiPjxkaXYgY2xhc3M9ImJhbm5lci1oZWFkZXIiPjxkaXYgY2xhc3M9ImJhbm5lcl9sb2dvIj48L2Rpdj48L2Rpdj48aDIgaWQ9Im9uZXRydXN0LXBvbGljeS10aXRsZSI+VGl0bGU8L2gyPjxwIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGV4dDxhIGhyZWY9IiMiPnBvbGljeTwvYT48L3A+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+PC9wPjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgaWQ9ImJhbm5lci1vcHRpb25zIj48ZGl2IGNsYXNzPSJiYW5uZXItb3B0aW9uIj48YnV0dG9uIGFyaWEtZXhwYW5kZWQ9ImZhbHNlIiBjbGFzcz0iYmFubmVyLW9wdGlvbi1pbnB1dCI+PHNwYW4gY2xhc3M9ImJhb

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 448

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):23195
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.804427569982273
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:x0BiqK3Jr1SnBbavSjm/i2tOIQWzyJF9MJ/Q+dWAOlY6KYs7JHXBIb:x2iqK3Jr1+B+vSjm/iuOIZyxiWyXBIb
                                                                                                                                                                                                                                                                                                                                                                                MD5:7550EB590645242C45B8381F44966BF1
                                                                                                                                                                                                                                                                                                                                                                                SHA1:49813968647CF74A33DBCDC46D7C07C718829364
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:163EE2A45293A440048729DBEFCD443BE4E26FB0EFFF60A3196B524819008A9F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:DAD4C2F69BF759B333E5D57A13E71453AAF972E7B0565C3179865C14A8B6F3CBF0F7887BAF87CF6BC54A063050BEB8F037578E21E99ABB332090F329A4DF3728
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="407" height="100" viewBox="0 0 407 100" fill="none" xmlns="http://www.w3.org/2000/svg">.<g clip-path="url(#clip0_1428_1730)">.<path d="M149.025 74.0105C145.907 74.0105 143.033 73.437 140.401 72.2899C137.769 71.1429 135.482 69.5861 133.538 67.6197C131.635 65.6124 130.137 63.2568 129.044 60.553C127.951 57.8492 127.404 54.9611 127.404 51.8886V51.7657C127.404 48.6932 127.931 45.8255 128.983 43.1627C130.076 40.4589 131.595 38.1033 133.538 36.0959C135.482 34.0476 137.789 32.4499 140.462 31.3028C143.134 30.1148 146.089 29.5208 149.328 29.5208C151.272 29.5208 153.033 29.6846 154.612 30.0124C156.232 30.3401 157.709 30.8112 159.045 31.4257C160.382 31.9993 161.616 32.6957 162.75 33.515C163.884 34.3344 164.957 35.2356 165.969 36.2188L161.171 41.8108C159.471 40.2131 157.669 38.9226 155.766 37.9394C153.863 36.9562 151.697 36.4646 149.268 36.4646C147.243 36.4646 145.361 36.8743 143.62 37.6936C141.919 38.472 140.441 39.5576 139.186 40.9505C137.931 42.3024 136.959 43.9001 136.271 45.7436C13

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 449

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1560x590, components 3
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):92067
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.817112492608626
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:9PcO0QriP/4JFJ6+Kh5r+sO6CpRkLhmvF6MehSJESAaSxMPssk:YQrK+FJ6+KhthOvXjF6nhSQLUssk
                                                                                                                                                                                                                                                                                                                                                                                MD5:6455EAC0D7B6FB17D419FC734538A9CF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:711AC0FC93CCD476516682AF42D16929C8652DFC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ADF0769B8D66670AC87E65DD2C6DF6C0A2A33EB58A39903FB9BA49ACD4A5C87E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B7DB88858729F111C3753A340CA5C657C1D2DD53F135FCC636AD4B21CF5E4C3C448E5CEB5AFEC45C2A06DD26AEB20CE7325798FC8E30389E43C91BC0C343B897
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/ysco1rxm/release-announce-blog-1560x590.jpg
                                                                                                                                                                                                                                                                                                                                                                                Preview:......JFIF.....d.d......Ducky.......K......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.dabacbb, 2021/04/14-00:39:44 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d" xmpMM:DocumentID="xmp.did:6C20C9FA3BCF11EC8D2FE7DCF3B86EFC" xmpMM:InstanceID="xmp.iid:6C20C9F93BCF11EC8D2FE7DCF3B86EFC" xmp:CreatorTool="Adobe Photoshop 23.0 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d" stRef:documentID="xmp.did:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.....................................................

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 450

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (37729)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):42235
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.373575757372754
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:1raZLPYGizQkgAmR5R2o/zCxWTK4IwmXBW6BDQsbZhkKEs5TV2Het5kOnjews2Or:VaZLPY7NqbzCx15fA6BDQslhkQ2+t5kL
                                                                                                                                                                                                                                                                                                                                                                                MD5:F0A83FEE9532B21BF8B2EBCDC890E465
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F3F15E91EAFC50775ABA773CF23E73F9C1C0B32A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:9026A67296D01BA0FF65CBD645347D1A5D1DA35805E9CCDC31310E570EEFD3BB
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:29475F9BAF9B36F8A4DDEF972F3CEADF416BCBBC827FF87D3C21674916EBEEE3AB4D647E47CE5A5CC3493FED8BD48CFA00E2CD9833595EB97E1D036D05B831AD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/consent/831b8ee0-e952-49a5-af6b-01382c722774/OtAutoBlock.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){function n(d){var g=[],a=[],f=function(c){for(var b={},e=0;e<z.length;e++){var h=z[e];if(h.Tag===c){b=h;break}var k=(r=h.Tag,t=x=l=void 0,l=-1!==(t=r).indexOf("http:")?t.replace("http:",""):t.replace("https:",""),-1!==(x=l.indexOf("?"))?l.replace(l.substring(x),""):l);if(c&&(-1!==c.indexOf(k)||-1!==h.Tag.indexOf(c))){b=h;break}}var r,l,x,t;return b}(d);return f.CategoryId&&(g=f.CategoryId),f.Vendor&&(a=f.Vendor.split(":")),!f.Tag&&D&&(a=g=function(c){var b=[],e=function(h){var k=document.createElement("a");.k.href=h;h=k.hostname.split(".");return-1!==h.indexOf("www")||2<h.length?h.slice(1).join("."):k.hostname}(c);y.some(function(h){return h===e})&&(b=["C0004"]);return b}(d)),{categoryIds:g,vsCatIds:a}}function A(d){return!d||!d.length||(d&&window.OptanonActiveGroups?d.every(function(g){return-1!==window.OptanonActiveGroups.indexOf(","+g+",")}):void 0)}function m(d,g){void 0===g&&(g=null);var a=window,f=a.OneTrust&&a.OneTrust.IsVendorServiceEnabled;a=f&&a.OneTrust.IsVendorS

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 451

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                                                MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 452

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (57795)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):58197
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.447962948233802
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:etdfbRU1UJ7U//pgKfSmkgwdP3+BDIPoXu8Fu33NEQ4WKB3eyvbrhP/:qDyycBgKfSxgGP3+1tXuzp4jB3e6brh3
                                                                                                                                                                                                                                                                                                                                                                                MD5:7547294860AAE4D423CD8EC4D2C30305
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E58E1C3CC3AD69923091A7C86380831A3F25F2A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:28E60EEBC4470F6CA0D874BE53E5A2E52B4FBD8426E0C90FED535422AF5084A1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3688FF52822782799E5AA5C6351F7B3586E8BF930C0F7F2177CE4D392EBC1DDA343D5077867467EED8BEEDCF68288C7DBE3C382E23BE8E83038FF1B5D07BCA47
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:var CJApi;!function(){var e={580:function(e,t){"use strict";var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var o in t=arguments[r])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.config=void 0;var n={policyApiUrl:"https://www.sjwoe.com/policy"},o=function(){try{return n}catch(e){return n}}();t.config=r(r({},o),{version:"7349afbba"})},434:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.createSetAdvertiserConsentStatus=function(e){return function(t){if(e.win.cj){e.win.cj.advertiserConsentStatus=t;var r=!!e.countryCode&&(0,n.getPolicy)(e.countryCode);(0,n.consentFromSignal)(e.date,e.win,t,r),(0,o.default)(e)}}};var n=r(446),o=r(378)},446:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.DtmConsent=void 0,t.serializeCjConsent=s,t.parseCjConsent=u,t.getConsentCookie=p

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 453

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):606
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.624397753968009
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trrtmUuXM65e2UllEifhIF/3XBpGaGUQ8OF4kbgLcaopgz+QcqcREKn:tHtmUuXMMXU7ffhIfXBTOTaEgkVEKn
                                                                                                                                                                                                                                                                                                                                                                                MD5:E1B9144DD4E58EDCFC73490FB96A61ED
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7DE0904DB680137F12F230F2462E45A12CB8B987
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C9D667E06BDE7AC671D661BB9AEC8FDC0285E1218AACC9F453CAB2A3AEDA25A7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:34CE77047EA8F1A309C3E93259C35ABA1F660971E32C702AB99260058AD5719A03CEADD8787C6FAA0305BB28DF0F6A021D25F4A6B70358C8E919EAD78B294E15
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="27" height="19" viewBox="0 0 27 19" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M0.351562 6.14751C0.351562 3.18609 2.51307 0.671109 5.46184 0.397679C7.74395 0.186067 10.5478 0 13.3516 0C16.1554 0 18.9592 0.186067 21.2413 0.397679C24.1901 0.671109 26.3516 3.18609 26.3516 6.14751V12.8525C26.3516 15.8139 24.1901 18.3289 21.2413 18.6023C18.9592 18.8139 16.1554 19 13.3516 19C10.5478 19 7.74395 18.8139 5.46184 18.6023C2.51306 18.3289 0.351562 15.8139 0.351562 12.8525V6.14751ZM10.3516 13V6L17.3516 9.50048L10.3516 13Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 454

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 396 x 185, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):21362
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.969155260409857
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:y3vouUh4NMbbjz0/bEh2k2mupQVQXASUtRYSjyNuILYLQKhM371ROzhVL4R6W+YV:2voFh4K3jIWryQRPxbILui7TQJ4R6WzV
                                                                                                                                                                                                                                                                                                                                                                                MD5:2DE13725F22827F3B6D66C113F55FB10
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4CF917DE95729023D4099728CFEB24539B354814
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E0E16342B7CA4F029DCBE2C9C87A29A25406CDDB46BE331CC9A53D2098DD9E79
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:636A0F1F031B71A5A5B0B5CDD522EA9FA90284C7DA8EEC51825B58592FB58B0179B7D2DE888E14D956C0C2F7E811F519AE55BF6B59075035A146530321C49E29
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/idzpbojs/proplus.png
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR.............;.......pHYs.................sRGB.........gAMA......a...S.IDATx..}..$Gy...7...$..I.p..I.S@d....-...?. ...`....{Dc....$......S..t.'.t9..m...._...z.gv.vf......=3.W..W.444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444`@c.1.....p...;z....9.....al.....&.Y.".9t8..A\Ca.&......C:.5...444...0f.l....h..$.E..o..<........h.&....4..d1.;......Lc!.-..s.....~L...&..v...p44..4a.`.$q-.7SX........v.W.n.w....qJl.Hw!....aD|]...s.<........dN.... ...<>.v"..NND..'".y.....~.&t..4....c.A.G.....}#...[q.....S{Q(..I..(.u42.H.-.,.(.u...m..9.A...$.%.@..I.i0..e..H..N[6%..u[.. ""....'%~L.....h.&..n4f.4a...$..L\...qy25......{q.S..u. .$J"0.,.1.a.1.*..R...hd.avm....o.H.a$.l.Bw.E..<....$:.X...8ZLG[....t.......:!.\...h.8h.hBHNk.v..;...........'.c|.h....iZG.$.C.2a..0.k'....>.~T}.r.q..cH1.....!.NX..i6\{.Z. .V..$.ED$|5s..G.d..:.,.5..Q._.6.i4.4a4....N.s...........}x~..&&....t..q4..

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 455

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (19863), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19863
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3447766218190145
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:s40C/Kax6IcZb9QI0rcOZ4yjR8rSxnMhNgyyi82Xo4uc:Vr6IcZqInOnRHMrPyG1
                                                                                                                                                                                                                                                                                                                                                                                MD5:BC033C3A83E1880E480086BF11AC0B0A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:35137329601CC7E9CECFFEA9B881C363D42799F5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AEBE8DF81EE2BA5BC51E3ABC322910EE5122A0AC06EDFBCF7A04E1659D17DC9C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:45CB92F652D6D14F65FE7CDA19389A6C5BE8BADD7EF0110EAD45D045EC20A6037D0C21C594FD193387C49E5150E8B8FC559CF6476AAFBF2B33324993667516CE
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(e){var t={};function n(r){if(t[r])return t[r].exports;var i=t[r]={i:r,l:!1,exports:{}};return e[r].call(i.exports,i,i.exports,n),i.l=!0,i.exports}n.m=e,n.c=t,n.d=function(e,t,r){n.o(e,t)||Object.defineProperty(e,t,{enumerable:!0,get:r})},n.r=function(e){"undefined"!=typeof Symbol&&Symbol.toStringTag&&Object.defineProperty(e,Symbol.toStringTag,{value:"Module"}),Object.defineProperty(e,"__esModule",{value:!0})},n.t=function(e,t){if(1&t&&(e=n(e)),8&t)return e;if(4&t&&"object"==typeof e&&e&&e.__esModule)return e;var r=Object.create(null);if(n.r(r),Object.defineProperty(r,"default",{enumerable:!0,value:e}),2&t&&"string"!=typeof e)for(var i in e)n.d(r,i,function(t){return e[t]}.bind(null,i));return r},n.n=function(e){var t=e&&e.__esModule?function(){return e.default}:function(){return e};return n.d(t,"a",t),t},n.o=function(e,t){return Object.prototype.hasOwnProperty.call(e,t)},n.p="",n(n.s=0)}([function(e,t,n){"use strict";function r(){if("undefined"==typeof TextEncoder){window.Tex

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 456

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):6310
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.014109706086264
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:npyIo40w7BJJF0iwpCZpdGHGa6Ay+TsANj6jZ69jJjFZZ2Os8A:FX7BJJO3pCZpY6v+TsAV+Z0JpVA
                                                                                                                                                                                                                                                                                                                                                                                MD5:50F4085F4654D228891FFDBA08FC7F73
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4E86359280CBCA3BBCDA0ACA8A5B7287732447B9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:C672F31A0E51298EB1A02A8FC8FCA271FFFC38B49BE9053697B9D7C4E5C756A2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A52258779CC34253F351ADAD2198CE4058C6F50FB7B430B2B407EF0DE2CEA2327EE51BD6ECA2E0961551818AF0913480214C6F962856D6336F904678CAB66337
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/consent/831b8ee0-e952-49a5-af6b-01382c722774/831b8ee0-e952-49a5-af6b-01382c722774.json
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.36.0","OptanonDataJSON":"831b8ee0-e952-49a5-af6b-01382c722774","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"01912753-8c21-7a17-883f-0a91a4e5ae8b","Name":"US, AU . All Opt-out","Countries":["au","us"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"ru","pt":"pt","it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"CCleaner . REJECT ALL . Template","Conditions":[],"GCEnable":false,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"0191275

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 457

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):26
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.469670487371862
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:qVZqz:qz0
                                                                                                                                                                                                                                                                                                                                                                                MD5:4E43C09312DA47F5D540BF874ECB46F7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:AB25ABAE19ED156908C76D641F1449AA3F1724D5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6D0291F90718DC0537F65DC6A4F68D8E75F0A8A3A0B62836D9CF41350ECAF552
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B86531F838FF48C2715313D50D433C74A57B15E8B6D515B86BFB031E3C4048AC9F0DB4AC7EE143890379A4A59808EF46929811AC938EB83C1E0547E4DDA2DFAF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<html><bode></body></html>

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 458

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):52
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.931208948910324
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:egsWdk1sQigmH10Xa3VqYn:eN/sQijWaVqY
                                                                                                                                                                                                                                                                                                                                                                                MD5:1E171D9EBC91A21AFE50FF4D797237F0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2A20A8C787725740956222ED07BE45B3D6F54231
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:FF9B2BF8A1791622B88DC1181911CC333387EBE64A69D6C4073F49312A219872
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:282CC4F3867E1C63EDECCBDE8E2CD99CA06590C4ABCE7FA789CD52B091FCBE423072BC9182272C55E2A8309579A2578FECC8D25ED2071546B9691FF70E6EFC51
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgkpbMu0G-IpYhIFDTa1nw8SBQ2DqFs9EgUN5yHjhg==?alt=proto
                                                                                                                                                                                                                                                                                                                                                                                Preview:CiMKCw02tZ8PGgQIBxgBCgsNg6hbPRoECAkYAQoHDech44YaAA==

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 459

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1560x590, components 3
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):92067
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.817112492608626
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:9PcO0QriP/4JFJ6+Kh5r+sO6CpRkLhmvF6MehSJESAaSxMPssk:YQrK+FJ6+KhthOvXjF6nhSQLUssk
                                                                                                                                                                                                                                                                                                                                                                                MD5:6455EAC0D7B6FB17D419FC734538A9CF
                                                                                                                                                                                                                                                                                                                                                                                SHA1:711AC0FC93CCD476516682AF42D16929C8652DFC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:ADF0769B8D66670AC87E65DD2C6DF6C0A2A33EB58A39903FB9BA49ACD4A5C87E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B7DB88858729F111C3753A340CA5C657C1D2DD53F135FCC636AD4B21CF5E4C3C448E5CEB5AFEC45C2A06DD26AEB20CE7325798FC8E30389E43C91BC0C343B897
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:......JFIF.....d.d......Ducky.......K......http://ns.adobe.com/xap/1.0/.<?xpacket begin="." id="W5M0MpCehiHzreSzNTczkc9d"?> <x:xmpmeta xmlns:x="adobe:ns:meta/" x:xmptk="Adobe XMP Core 7.1-c000 79.dabacbb, 2021/04/14-00:39:44 "> <rdf:RDF xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"> <rdf:Description rdf:about="" xmlns:xmpMM="http://ns.adobe.com/xap/1.0/mm/" xmlns:stRef="http://ns.adobe.com/xap/1.0/sType/ResourceRef#" xmlns:xmp="http://ns.adobe.com/xap/1.0/" xmpMM:OriginalDocumentID="xmp.did:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d" xmpMM:DocumentID="xmp.did:6C20C9FA3BCF11EC8D2FE7DCF3B86EFC" xmpMM:InstanceID="xmp.iid:6C20C9F93BCF11EC8D2FE7DCF3B86EFC" xmp:CreatorTool="Adobe Photoshop 23.0 (Macintosh)"> <xmpMM:DerivedFrom stRef:instanceID="xmp.iid:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d" stRef:documentID="xmp.did:ed6f4275-5c61-4f7b-a239-ec3bfcf74b3d"/> </rdf:Description> </rdf:RDF> </x:xmpmeta> <?xpacket end="r"?>....Adobe.d.....................................................

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 460

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (33615)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):33616
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.413721726762077
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:EbuqqwM9iRD91mDdP/6Lf9nafTAVZxp1Z7s:EbuTiRB1m2a8VZxpro
                                                                                                                                                                                                                                                                                                                                                                                MD5:FA0660A8882E303688049086E6201CBE
                                                                                                                                                                                                                                                                                                                                                                                SHA1:163A8A8481E067A40D4FFC0815F92684B45BD3AB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:240530CD560BF994EBC14EABF67AA7B0413487CACC7AE1D1E29306243D87672B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7370B394B4F0360238498C7E9F31F582B45BB67A19E6CB811DF1D07D63FC31E6B1142E85F2445E5C1807A9BC0930346B1025F377695DA84321484267DB54CAB0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:var adalyserModules=trackerCore;adalyserModules.AdalyserTracker=function(e,r){var t=window;mutState={outQueues:[],bufferFlushers:[],expireDateTime:null,hasLoaded:false,registeredOnLoadHandlers:[]};function n(){var e;adalyserModules.helpers.forEach(mutState.bufferFlushers,function(e){e()});if(mutState.expireDateTime){do{e=new Date;if(adalyserModules.helpers.filter(mutState.outQueues,function(e){return e.length>0}).length===0){break}}while(e.getTime()<mutState.expireDateTime)}}t.AdalyserTracker={};adalyserModules.helpers.addEventListener(t,"beforeunload",n,false);return new adalyserModules.InQueueManager(e,mutState,r)};adalyserModules.InQueueManager=function(e,r,t){var n;function a(){if(adalyserModules.isBot(navigator.userAgent)){return}for(var e=0;e<arguments.length;e+=1){var r=arguments[e];var t=Array.prototype.shift.call(r);if(typeof t=="function"){t.apply(r);continue}if(t==="create"){o(r[0]);continue}n[t].apply(n[t],r)}}function o(e){e=e||{};if(!n){n=new adalyserModules.Tracker(t,r,e

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 461

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):53
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.324196936570766
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CU7KNpKThE/xlSle:s2Eule
                                                                                                                                                                                                                                                                                                                                                                                MD5:414BD2A5161DB03FDD910327B42C6DAA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:65D4CF50496813C5F1A34EDDD5C50DC67D44FF47
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B51F3497B0A65F1E1E87E75F5E7E823D871C23BCF76A5EE4101783C8F939E553
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:633F304A2024C3B6EBB92B3EED8059F8232C316D70FBE8EF353106C2105F7A9662D8FD935B89A5F10E09204C6886EDCE4FB1B19938123B7E057A34F2BF78FF85
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:GIF89a.............!.......,........@..D..;

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 462

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):715
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.483239176067502
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trCv0uXM65rVP7EUDYwdPytQJuIMrG6gBMfCXjjmCh63IEKn:tuv0uXMMrFEUDYwdPzMBgawjjmCh6YEM
                                                                                                                                                                                                                                                                                                                                                                                MD5:2840415F6784A17C0C7FE8AA7A5BF22C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BD2C49AE9EFB86AD4D6F3D31F57C552ADEB0E07A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A21F9654466882A459CAF9270BE5150855FCA208C9969F140D4FBEC41B2A8D86
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:59A696E893ABCCE4DE0928E85D14EE49EBB43A7D3948D8014FD4C916B913EEF0C569B4FC1CF2FCCC85B7E580F659E622A9795FCA083467896DB09122014EFDE9
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="17" height="16" viewBox="0 0 17 16" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M6.94141 14.8389V12.5H5.44141V10.5C5.38659 10.4452 5.24658 10.3114 5.04798 10.1217C4.25862 9.36765 2.54354 7.72927 1.57201 6.64726C1.48631 7.08494 1.44141 7.53722 1.44141 8C1.44141 11.3511 3.79622 14.1522 6.94141 14.8389ZM12.772 2.5H10.4414V4.5H6.94141V6.5H4.94141V7.5H10.4414V10.5H12.4414V13.7453C14.2549 12.4804 15.4414 10.3787 15.4414 8C15.4414 5.76904 14.3977 3.78183 12.772 2.5ZM16.4414 8C16.4414 12.4183 12.8597 16 8.44141 16C4.02313 16 0.441406 12.4183 0.441406 8C0.441406 3.58172 4.02313 0 8.44141 0C12.8597 0 16.4414 3.58172 16.4414 8Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 463

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (57795)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):58197
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.447962948233802
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:etdfbRU1UJ7U//pgKfSmkgwdP3+BDIPoXu8Fu33NEQ4WKB3eyvbrhP/:qDyycBgKfSxgGP3+1tXuzp4jB3e6brh3
                                                                                                                                                                                                                                                                                                                                                                                MD5:7547294860AAE4D423CD8EC4D2C30305
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E58E1C3CC3AD69923091A7C86380831A3F25F2A9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:28E60EEBC4470F6CA0D874BE53E5A2E52B4FBD8426E0C90FED535422AF5084A1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3688FF52822782799E5AA5C6351F7B3586E8BF930C0F7F2177CE4D392EBC1DDA343D5077867467EED8BEEDCF68288C7DBE3C382E23BE8E83038FF1B5D07BCA47
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.mczbf.com/tags/563151391133/tag.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:var CJApi;!function(){var e={580:function(e,t){"use strict";var r=this&&this.__assign||function(){return r=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var o in t=arguments[r])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)};Object.defineProperty(t,"__esModule",{value:!0}),t.config=void 0;var n={policyApiUrl:"https://www.sjwoe.com/policy"},o=function(){try{return n}catch(e){return n}}();t.config=r(r({},o),{version:"7349afbba"})},434:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.createSetAdvertiserConsentStatus=function(e){return function(t){if(e.win.cj){e.win.cj.advertiserConsentStatus=t;var r=!!e.countryCode&&(0,n.getPolicy)(e.countryCode);(0,n.consentFromSignal)(e.date,e.win,t,r),(0,o.default)(e)}}};var n=r(446),o=r(378)},446:function(e,t,r){"use strict";Object.defineProperty(t,"__esModule",{value:!0}),t.DtmConsent=void 0,t.serializeCjConsent=s,t.parseCjConsent=u,t.getConsentCookie=p

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 464

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):998
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.183272850845479
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:Y1KQcFHbSOFjFp+ink21KC/DCSa/4VJIYc1wGPlxOAi2WAJO3:Y1KjSoj/NfrtRVdc1wGPPjW+y
                                                                                                                                                                                                                                                                                                                                                                                MD5:FF7DEE174ADD0AFBCD8643F12AC32196
                                                                                                                                                                                                                                                                                                                                                                                SHA1:162F90B83A3DA3501A4D385301B99987E91689F9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8852555968356A7C7CEFEE8EC8D6474B98D18205E3836B6B03092CFBD1D9749E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:6CB0B0667B639EA17B22D0AB208A67D53874E0308940C3FB2928B03EF15ABAC2C6D8E9932221250CA8716AF467F9B1EB9A0E12A63BDA60BFDB11CB8A2789D8EC
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:"https://c.go-mpulse.net/api/config.json?key=KHFPC-EEZSQ-MPDZF-9BJVS-S3BCL&d=www.ccleaner.com&t=5774823&v=1.766.60&if=&sl=0&si=813d89a3-770b-4c0a-9efd-6c26e309da1d-sngcky&plugins=AK,ConfigOverride,Continuity,PageParams,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Akamai,EventTiming,LOGN&acao=&ak.ai=733567"
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"h.key":"KHFPC-EEZSQ-MPDZF-9BJVS-S3BCL","h.d":"arlid:733567","h.t":1732446921574,"h.cr":"e1b549a65962a5f0cd8770458812c23ac0eaad38-c4ef7263-37f3bacb","session_id":"80e0ceb0-700b-4db1-afbb-9fc440dda8f4","site_domain":"arlid:733567","beacon_url":"//684d0d45.akstat.io/","autorun":true,"strip_query_string":true,"beacon_interval":60,"BW":{"enabled":false},"RT":{"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"Continuity":{"enabled":true},"PageParams":{"xhr":"none","pageGroups":[{"type":"Custom","parameter1":"nortonAnalytics.site_sub_section","on":["navigation"]},{"type":"Regexp","parameter1":"/inapp/","parameter2":"In App","on":["navigation"]}],"customMetrics":[],"customTimers":[],"customDimensions":[],"urlPatterns":[],"params":true},"Akamai":{"enabled":true,"mapping_xhr_base_url":"akamaihd.net","mapping_xhr_url_path":"/eum/getdns.txt","mapping_xhr_url_v4_prefix":"trial-eum-clientnsv4-s","mapping_xhr_url_v6_prefix":"trial-eum-clienttons-s"},"user_ip":"8.46.123.0"}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 465

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                                                MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://px.ads.linkedin.com/attribution_trigger?pid=2208068&time=1732446932629&url=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385
                                                                                                                                                                                                                                                                                                                                                                                Preview:{}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 466

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (64779)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):76725
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.313616145439348
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:4qz0SxVdcNANA2AZLs1tUzBnIZOL494pK:4Y0SxVdn1tUzBnsl
                                                                                                                                                                                                                                                                                                                                                                                MD5:7E8D5BE9D03916BEDE0536528EAE1CB5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8BE7E461859FB27730ED7911CA987C565A9ABAEC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D97DF31991B134E0870FEC19CC20FF853974F3CC8E83B686E71F50E58840229A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1F81B72B20640259726BDB2B68FBA00104FFCEEC1698597636CD166A70F312504192AAE892BE49D7F09DC6DE0089C86E4DDC0B1536BE71BCE9DC03FF7AD63D9D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:./*@preserve.***Version 2.19.0***.*/../*@license. * Copyright 2002 - 2018 Qualtrics, LLC.. * All rights reserved.. *. * Notice: All code, text, concepts, and other information herein (collectively, the. * "Materials") are the sole property of Qualtrics, LLC, except to the extent. * otherwise indicated. The Materials are proprietary to Qualtrics and are protected. * under all applicable laws, including copyright, patent (as applicable), trade. * secret, and contract law. Disclosure or reproduction of any Materials is strictly. * prohibited without the express prior written consent of an authorized signatory. * of Qualtrics. For disclosure requests, please contact notice@qualtrics.com.. */..try {. (window["WAFQualtricsWebpackJsonP-cloud-2.19.0"]=window["WAFQualtricsWebpackJsonP-cloud-2.19.0"]||[]).push([[10],{16:function(e,t,n){"use strict";n.d(t,"a",(function(){return i})),n.d(t,"e",(function(){return r})),n.d(t,"f",(function(){retur

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 467

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                                                MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 468

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):8
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.5
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:x:x
                                                                                                                                                                                                                                                                                                                                                                                MD5:402E7A087747CB56C718BDE84651F96A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7CE01F6381463362CF6AEF2F843A59261E8F5587
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:662EFAF46C617DDBCB8FF4A2A8F64CFFD3D93630F1003F8E66511F369B87730F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5080D776D0B123F20E97D44472EF2343BC022105AA67FC802B71668BAEB74A81530355589D50B1142165D17EF995AEAC196B6C15136D518A1EC0ABFA13C91D10
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.net/eum/results.txt
                                                                                                                                                                                                                                                                                                                                                                                Preview:Success!

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 469

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (32054)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):82737
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.417054529586679
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:CZVMbRJN4CoVUTM2ua1OM7CfzGQxmZQx5UG/Lo+oqbH:CaJMYOMuSZQBLDr
                                                                                                                                                                                                                                                                                                                                                                                MD5:6CDA8B6271B502ED1174336D6537D44B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7A5D5256CED6EA8B8C4B88CB08A7EF0CCB13FE62
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7CA9E9328C72EAF9F7CB3E12648AD05411A6140291B284D4785E65BB02FB290B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7B54A019BAAF08183FA482C73498195B8137C1342818AC57D2DFB4C851C76198FF730125329231CD85BD480DBA3DCD75883E160DBD92169B98F1032E59AB9043
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:/*! Norton - v1.0.2 - 2024-10-07 */function s_doPlugins(a){try{_numeric_.utils.strangeTrafficExclude();var b=localStorage.getItem("strangeTrafficExclude");b&&(a.abort=!0)}catch(c){}var d=a.linkURL;if(void 0!==typeof a.linkType&&"d"==a.linkType&&"string"==typeof d){a.pageName&&a.pageName.match(/avira:(.*):downloads:free-products/gi)&&d.match(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi)&&(a.linkURL=d=d.replace(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi,"$1$2$3$5")),a.events="event1";var e=d.split("/"),f=e[e.length-1],g=f.substr(f.lastIndexOf(".")+1).toLowerCase();a.eVar1="D=c33",a.prop33=d,a.prop46=g,a.prop47="download",a.prop48=f,a.eVar49="D=c48",a.linkTrackVars="events,prop2,prop33,prop41,prop46,prop47,prop48,prop49,prop59,eVar1,eVar18,eVar27,eVar41,eVar48,eVar49,eVar59",a.linkTrackEvents="event1"}else void 0!==typeof a.linkType&&"e"==a.linkType&&(a.linkTrackVars="None",a.linkTrackEvents="None");a.eVar47="s_code_norton "+s_code_file_modified_date,a.prop21=a.getQueryParam("inid"),!a.prop21&&

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 470

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3449
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.926074834907907
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:4/kVlYmUaJKKh8GUp+h/JjcRpF1KgKkKk+vq03o7zRglmwwqpSuj/aIWSNOzFBMa:ACjjJxRhhcRp/KgKWqPg1OmwlraIWvyM
                                                                                                                                                                                                                                                                                                                                                                                MD5:2762C41F3C1E53BBA80BFA292F400C57
                                                                                                                                                                                                                                                                                                                                                                                SHA1:154412F481373766508750B4BE71B06A894C454E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:840E22A03F381F6D36CA630F17757FAEACC354FC41E9F4CBE660CCD32094E6AE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C6BE8A218F0007532E3AB567ADA2697530DCF2CF2E7278AF8459533FC0FD1A9BFC87B82FC55A63F6EFC44151757333BBAC57F7965E12CBDB635C527B5FB76E91
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="23" height="22" viewBox="0 0 23 22" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M22.5859 6.49238C22.5873 5.57538 22.4211 4.66583 22.0954 3.80851C21.8538 3.06829 21.4348 2.39829 20.8749 1.85687C20.334 1.29588 19.6641 0.875568 18.9234 0.632562C18.0653 0.307156 17.1549 0.14106 16.2371 0.142447C14.6944 0.00949202 13.145 -0.0304431 11.5974 0.0228589C10.0919 -0.0278038 8.5848 0.0127868 7.08426 0.144408C6.16643 0.14302 5.25606 0.309117 4.39796 0.634523C3.65576 0.874974 2.98376 1.29329 2.44063 1.85295C1.88029 2.39426 1.46094 3.06427 1.21913 3.80459C0.893633 4.66327 0.728044 5.57418 0.730537 6.49238C0.595797 7.99139 0.555165 9.49736 0.608879 11.0014C0.55817 12.5055 0.598797 14.0113 0.730537 15.5105C0.729149 16.4275 0.895396 17.337 1.2211 18.1944C1.46262 18.9346 1.88163 19.6046 2.44161 20.146C2.98352 20.7055 3.65413 21.1241 4.39501 21.3654C5.25312 21.6908 6.16348 21.8569 7.08132 21.8555C8.58186 21.9872 10.089 22.0277 11.5945 21.977

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 471

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (31295), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):31295
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.420218989614015
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:8c+nkQPRXpV6U/iDS2i3K7vsjZ6r4wZm2t:8gcpV6UCv66k+m2t
                                                                                                                                                                                                                                                                                                                                                                                MD5:6D3071E7937674C226546116C276CFEC
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0DC3BEA9140A59C19937E5C07F00B9ACAC0B0DBD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E37DCB6F734D00D75A25FBF066E04283DBC5167FEF68C8BFF5E0977B83A3F3AD
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:50B5D99264FCD3AFB0D433DBFB8D2CEAF9EA028913D8DCF3C095ADFB18A78A1C2635DE38699728FD6E54103EC3EE76494A94FD06AEC7FB4220F38AC15CE34986
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://amplify.outbrain.com/cp/obtp.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:(()=>{"use strict";var e={865:(e,t)=>{var n,r;t.__esModule=!0,t.LOG_TYPES=t.CONTENT_TYPE=t.Zone=t.GDPR_PURPOSE_CONSENTS=t.HAS_CONSENT_EVENT=t.CONSENT_HANDLER_URL=t.VERSION=void 0,t.VERSION="2.0.5",t.CONSENT_HANDLER_URL="https://my.outbrain.com/mtConsentHandlet/handler",t.HAS_CONSENT_EVENT="has_concent_event",t.GDPR_PURPOSE_CONSENTS=[1,3,4],(r=t.Zone||(t.Zone={})).Default="all",r.EuZone1="euZone1",r.EuZone2="euZone2",(t.CONTENT_TYPE||(t.CONTENT_TYPE={})).Product="product",(n=t.LOG_TYPES||(t.LOG_TYPES={})).Log="log",n.Warning="warning",n.Info="info",n.Error="error"},920:(e,t,n)=>{t.__esModule=!0;var r=n(865);t.default={zone:r.Zone.Default}},778:(e,t)=>{t.__esModule=!0,t.USE_FETCH_WITH_ATTRIBUTION_SRC=t.SEND_BEACON_SUPPORT=t.VERSION_NAME=t.API_NAME=t.GDPR_CALL_ID=t.GDPR_VENDOR_NAME=t.GDPR_VENDOR_ID=t.DOMAIN_URL_PARAMETER_NAME=t.NO_CLICK_ID_COOKIE_NAME=t.VARIATIONS_COOKIE_NAME=t.CLICK_ID_COOKIE_NAME=t.CLICK_ID_URL_PARAM=t.CLICK_ID_PIXEL_URL_PARAM=t.PAGE_VIEW_NAME=t.BASE_URL=void 0,t.BASE_U

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 472

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (32764)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):181987
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.366515041117068
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:8JS2l9lK6uN9238uw+mU/kiPXFV8oFlsIp:8JSolK6uNg38uw+mU/pFVv1
                                                                                                                                                                                                                                                                                                                                                                                MD5:9FD89DE1A5B58327FF8BB7D91D552999
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EE30F93ECCE33118BDE04531A0FE83149DFD69EA
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8D78B3EE6B95A5E9F4F4A80775F72432AD0A68207A3A38890C9ED3E7E3809C17
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E6E36B9F958BDDFF4EC7892FD04B14E51FC8E24783B858D3B84699D404107F60D36AEB3959B1F32CB4CBDED9587093F6DBBD04877C2DB5945F199D34C502836D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:// For license information, see `https://assets.adobedtm.com/b29989a14bed/fb232d48b52a/launch-6a58c8f8d4cd.js`..window._satellite=window._satellite||{},window._satellite.container={buildInfo:{minified:!0,buildDate:"2024-08-07T17:54:17Z",turbineBuildDate:"2023-02-22T20:37:26Z",turbineVersion:"27.5.0"},environment:{id:"EN8348818414d3457da014cac8b02fade1",stage:"production"},dataElements:{"Dynamic Adobe Library URL - HTTPS":{modulePath:"core/src/lib/dataElements/customCode.js",settings:{source:function(){return previewurl="https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/test/s_code_norton_min_preview.js",produrl="https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js",void 0!==_satellite&&void 0!==_satellite.environment&&"production"!=_satellite.environment.stage?previewurl:produrl}}},site_subsection:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.site_sub_section"}},site_language:{moduleP

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 473

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (29146)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):363151
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.5834510235458765
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:oQbt29MXMiO60DPmPx27iDmoMfgQJoc5vd:dbt2j3DPm07Nb
                                                                                                                                                                                                                                                                                                                                                                                MD5:E60260EB1CFA075E296FBD4982315DD6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:83E81E496D734392BFCF5AF28933996F2B9ECA7D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:33A7472F7BCDE98816ACD78E04476ACDF4941D6E3FA6FA6DCF1CDF9DE7F171F8
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C7E2C8E43510DFACCE504887DD6419BB9A2EA0A0DC84604DD32C50ACE75F36F9172D6E803B20702FADB3CFF7BFBA177EF265D1AE2F9B0A0455CD3497335BF451
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"267",. . "macros":[{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__e"},{"function":"__v","vtp_name":"gtm.element","vtp_dataLayerVersion":1},{"function":"__v","vtp_name":"gtm.triggers","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":""},{"function":"__jsm","vtp_javascript":["template","(function(){return window.doNotTrack||navigator.doNotTrack||navigator.msDoNotTrack||\"msTrackingProtectionEnabled\"in window.external?\"1\"==window.doNotTrack||\"yes\"==navigator.doNotTrack||\"1\"==navigator.doNotTrack||\"1\"==navigator.msDoNotTrack||window.external.msTrackingProtectionEnabled()?\"1\":\"0\":\"0\"})();"]},{"function":"__u","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmpty

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 474

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1114
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.2986979758304145
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:tx1FuXMMQuMFMer0B6guLcDTukaLM/FD/6ScJzioWXQY/ikEKn:xEMF/ml9FDgzio1Gi3M
                                                                                                                                                                                                                                                                                                                                                                                MD5:18B77A3940E43F7FF4748948FBB24F53
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E50C7C05E164F4359F000C819CCA78292DE017FD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7EC4FA739A14763783F1292F1E0A26069399C15F5ECD6DD7466960AF30BE9967
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C32E84914710C57E0043E62E13FE3EECECAA0C0E35D79031DC634CC3B9EF834753303E3FFF3A91D492A36F75F926FDE35A6DBC55352F7A55E1B5D75B1BD6214F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/llfavoy4/twitter.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="23" height="18" viewBox="0 0 23 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M20.5234 4.49988V5.08685C20.5353 9.80734 17.9767 14.1562 13.8553 16.4209C9.73384 18.6855 4.70987 18.5032 0.761719 15.9457C1.15076 15.9457 1.4428 16.0432 1.83288 16.0432C3.88371 16.0699 5.87982 15.3783 7.47864 14.0873C5.56282 14.0446 3.8836 12.7885 3.29308 10.9565C3.57782 11.0371 3.87382 11.07 4.1692 11.054C4.56505 11.0365 4.95732 10.9707 5.33736 10.858C3.24884 10.4368 1.74324 8.59744 1.73484 6.45678V6.3593C2.32926 6.69299 3.00138 6.86158 3.68212 6.84774C2.43036 6.02539 1.66487 4.63364 1.63784 3.131C1.62253 2.34112 1.82465 1.56235 2.22192 0.880614C4.5063 3.74082 7.91965 5.45593 11.5672 5.57633C11.5672 5.28285 11.4702 4.89189 11.4702 4.49988C11.4984 2.02658 13.4867 0.0284809 15.9478 0.000166529C17.2094 -0.0108344 18.4149 0.523668 19.2572 1.46758C20.2523 1.27218 21.207 0.908172 22.0806 0.391127C21.7534 1.4449 21.063 2.34687 20.1334 2.93499C21.030

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 475

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (1223)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):19485
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.498123677217319
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:LC/TzpZmdYHPu1cnq9W3eVqIudA7ItW09ROE1WWkK1z0Ika7YyifuxNrx5FejxO9:LCbNZmd6Pu1ct3yqZDtWcUE1WWr1qaV3
                                                                                                                                                                                                                                                                                                                                                                                MD5:ACFAAF3B7DA03D515C434409A8CEDFE3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4E2FE4950FCED5DF7A649497A093614E0A7D778F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:A192CC8B869A545B6910C7CB5C96612499A856C49585A67D1629CEC7EBB83DA0
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:8F6D029D18C0AEFECC9F864A9DAA33E19D6F7B73E9CE6D4FABEEB7DABACE55764A7DE6771604B2E2CF59BCC5E3E12D076D508D9773EA14E6E1B2188F25184AE0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/static/service_worker/4bj0/sw.js?origin=https%3A%2F%2Fwww.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Preview:'use strict';var aa=function(a){function c(d){return a.next(d)}function b(d){return a.throw(d)}return new Promise(function(d,e){function f(g){g.done?d(g.value):Promise.resolve(g.value).then(c,b).then(f,e)}f(a.next())})},h=function(a){return aa(a())};/*.. Copyright The Closure Library Authors.. SPDX-License-Identifier: Apache-2.0.*/.var n=this||self;var r,u;a:{for(var ba=["CLOSURE_FLAGS"],z=n,A=0;A<ba.length;A++)if(z=z[ba[A]],z==null){u=null;break a}u=z}var ca=u&&u[610401301];r=ca!=null?ca:!1;var D;const da=n.navigator;D=da?da.userAgentData||null:null;function F(a){return r?D?D.brands.some(({brand:c})=>c&&c.indexOf(a)!=-1):!1:!1}function G(a){var c;a:{const b=n.navigator;if(b){const d=b.userAgent;if(d){c=d;break a}}c=""}return c.indexOf(a)!=-1};function H(){return r?!!D&&D.brands.length>0:!1}function I(){return H()?F("Chromium"):(G("Chrome")||G("CriOS"))&&!(H()?0:G("Edge"))||G("Silk")};!G("Android")||I();I();G("Safari")&&(I()||(H()?0:G("Coast"))||(H()?0:G("Opera"))||(H()?0:G("Edge"))||(

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 476

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65450)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):179505
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3450420797697475
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:VwmvhwvwV1UMwH+0G+ZBTr9ix6HeTX0XLDDDbGw5wyPybFkK8yDaIG9:zhwvwVGMw9ZXixont8Fk9KG
                                                                                                                                                                                                                                                                                                                                                                                MD5:B8A8E6F05216E9ED9ED7DDB3F7B6B3AD
                                                                                                                                                                                                                                                                                                                                                                                SHA1:FE008D9A4340866FC953E466E7497C725E4DE7B8
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:25559FEA32DD281A2FFC5C366EE17DBC122476A20D014E4D99017225F91BA2E1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BA0A955B775AB1F6997617751FF25B4780B90007AA80A7CFD665BE63FCFCF4590AA5FFFA6E21BE4169B5E79AB93E2864B682533188F18200B6FBA233E1265B78
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://script.hotjar.com/modules.86621fa4aeada5bcf025.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:/*! For license information please see modules.86621fa4aeada5bcf025.js.LICENSE.txt */.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 477

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9576
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3997296571084075
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:rN5bN8NjNY3YNONCFNnNO6NfNANk3FNNN4YNYSNXpNgNjNS3mNuN4fNANUXNVNem:R5hKZ22EANOA1uCrDfxXvOZAMkwuUdbT
                                                                                                                                                                                                                                                                                                                                                                                MD5:DF845ACD692B2FFE5F46DB41E193E577
                                                                                                                                                                                                                                                                                                                                                                                SHA1:EFE7149445972A9FF473B89CFB3C873D2F7BB3C9
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:8E878B38C0C357B63EB23D45C6182FD4F1AC0E92A5601A7E27F04EDCFAD5B4AF
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:6D487DD5B7ACA59F0E185856C842708958A25B6832C5BB3C8F29AB4FA7FC2C2C6ADF8931DCB6EFB0E4F1E738188D8F9B2765147F371035AD156B35664C832758
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap
                                                                                                                                                                                                                                                                                                                                                                                Preview:/* cyrillic-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCRc4EsA.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmSU5fCBc4EsA.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Roboto';. font-style: normal;. font-weight: 300;. font-display: swap;. src: url(https://fonts.g

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 478

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (9217)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):244375
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4541358501238815
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:pfLeYH8AtPJ137OeR8NteqZEbkxZNsucrl0xYurPK713EN:pfLeYc+PJxH8NNfFcrHurPK713C
                                                                                                                                                                                                                                                                                                                                                                                MD5:98A1AA6D0155EA8597C93CD050CE5808
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C844C1CBAA79A4F09F50E2DF3F648B8B5AA6CB5E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:527BF3DACC5EB62211130FE4BF315C682861320AB25B4AA2EFE6EA87A760DB8C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BB01621E0CBE1185D2167CEDB9517A29FE6537AE0E23254243DF90F36A66A0E1D91034E9A772E76C94FC1E1E969DB9082177777EC6085A752B3BCB9BC8B98BC2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://connect.facebook.net/en_US/fbevents.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 479

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 396 x 185, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):21362
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.969155260409857
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:y3vouUh4NMbbjz0/bEh2k2mupQVQXASUtRYSjyNuILYLQKhM371ROzhVL4R6W+YV:2voFh4K3jIWryQRPxbILui7TQJ4R6WzV
                                                                                                                                                                                                                                                                                                                                                                                MD5:2DE13725F22827F3B6D66C113F55FB10
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4CF917DE95729023D4099728CFEB24539B354814
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E0E16342B7CA4F029DCBE2C9C87A29A25406CDDB46BE331CC9A53D2098DD9E79
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:636A0F1F031B71A5A5B0B5CDD522EA9FA90284C7DA8EEC51825B58592FB58B0179B7D2DE888E14D956C0C2F7E811F519AE55BF6B59075035A146530321C49E29
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR.............;.......pHYs.................sRGB.........gAMA......a...S.IDATx..}..$Gy...7...$..I.p..I.S@d....-...?. ...`....{Dc....$......S..t.'.t9..m...._...z.gv.vf......=3.W..W.444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444444`@c.1.....p...;z....9.....al.....&.Y.".9t8..A\Ca.&......C:.5...444...0f.l....h..$.E..o..<........h.&....4..d1.;......Lc!.-..s.....~L...&..v...p44..4a.`.$q-.7SX........v.W.n.w....qJl.Hw!....aD|]...s.<........dN.... ...<>.v"..NND..'".y.....~.&t..4....c.A.G.....}#...[q.....S{Q(..I..(.u42.H.-.,.(.u...m..9.A...$.%.@..I.i0..e..H..N[6%..u[.. ""....'%~L.....h.&..n4f.4a...$..L\...qy25......{q.S..u. .$J"0.,.1.a.1.*..R...hd.avm....o.H.a$.l.Bw.E..<....$:.X...8ZLG[....t.......:!.\...h.8h.hBHNk.v..;...........'.c|.h....iZG.$.C.2a..0.k'....>.~T}.r.q..cH1.....!.NX..i6\{.Z. .V..$.ED$|5s..G.d..:.,.5..Q._.6.i4.4a4....N.s...........}x~..&&....t..q4..

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 480

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):484
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.869845660919293
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:trZn1ruXM65ZxmKiRFj+XGpZ9qm6GcYvEKn:tZ1ruXMMZx3GRoG996GcYvEKn
                                                                                                                                                                                                                                                                                                                                                                                MD5:275FD8570BD9EC9882AB3003F1945C97
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5C067FA58D5610A2A34EF3CC518BB9AF261C237B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:CE1C79B208ABA80E5814AEC16BCE506BF0A1F1E79E0687999DE32BA1D42A934B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1C0453ECA5EFE458EBB81F1A3908E7E7740A4FD4CCA112E448720CD03AA5A12E57498B0AE7B9E2184CD2B6B5B0873778AEBC9F72DE6492BB3BE631FB3739110E
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="9" height="18" viewBox="0 0 9 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M8.57544 9.34668H5.85951V18H1.86785V9.34668H0V6.04668H1.86785V3.89568C1.7963 2.83151 2.20584 1.78999 2.98918 1.04392C3.77252 0.297854 4.85162 -0.0784152 5.9438 0.0136756H8.91571V3.23468H6.79292C6.54932 3.22473 6.31375 3.32043 6.14978 3.49596C5.98582 3.67149 5.91037 3.90874 5.9438 4.14368V6.04368H9L8.57544 9.34668Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 481

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):979
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.413197516958716
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:twd1QuXMMu28pKprXq3Z4yRSn0IsRRunfR/gWogEiJFBlQ+ooWSEKn:6n65wpLq3S0I7gWogjX9WFM
                                                                                                                                                                                                                                                                                                                                                                                MD5:CD2F3EE235C41EACB6AEB069C77353F5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:0EE782685BC92C180E5D0EC196529C44F6E80EE7
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:91AF4E9906C6B69D1BCD991EDDBFAE079ECE910C5866A807366B63A8805EAF7F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F5688778D7BD34366C398A6C79A04361AA57B487A7E733F69EC6A1A5A4FB790D5EE0E92CFDBDD1958C6472AF40537E2B42DB5BC81E2260E1795C8957E2C4FA04
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="20" height="18" viewBox="0 0 20 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M4.66151 2.09116C4.67056 1.50652 4.43129 0.945587 4.0034 0.548309C3.5755 0.151031 2.99934 -0.0451262 2.41864 0.00877676C1.84137 -0.030699 1.27344 0.17038 0.84889 0.564549C0.424345 0.958718 0.180814 1.51105 0.175781 2.09116C0.180814 2.67128 0.424345 3.22361 0.84889 3.61778C1.27344 4.01195 1.84137 4.21303 2.41864 4.17355C2.99934 4.22746 3.5755 4.0313 4.0034 3.63402C4.43129 3.23674 4.67056 2.67581 4.66151 2.09116ZM0.401104 6H4.35367V17.999H0.401104V6ZM14.5241 5.50366C17.1823 5.50366 19.1758 7.25226 19.1758 11.0006V17.999H15.219V11.5028C15.219 9.83685 14.7425 8.7538 13.2469 8.7538C12.3056 8.75556 11.7333 9.35877 11.4332 10.2533C11.2912 10.566 11.2339 10.9107 11.2672 11.2527V18L7.31809 17.999C7.31809 17.999 7.40157 7.16574 7.31809 6.00001H10.8691V7.50235C11.6287 6.21341 13.0321 5.44597 14.5241 5.50366Z" fill="#46515D"/>.</svg>.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 482

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65455)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):370595
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.357959393935795
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:DoafhCzhEqqpxYvc/L1uDpFcTDrgltBVJ61VW/NWKi848:cuqqpxY0gD4sGA
                                                                                                                                                                                                                                                                                                                                                                                MD5:53D714B01891BF0658E567A073B78F97
                                                                                                                                                                                                                                                                                                                                                                                SHA1:09986C8182F1FD1B1DFE917D841CEA9B8B51C005
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:00BAB1A0CA70BAE23E6E733C1B78045476A2D2688AA0C5CF26FC7EFA81CCAA0B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3CC182FBD3C026EEDAC9DF2A448240B26A7A84ACE4991AAB92282DC93F503BA14FEBD0BE0137E2FDF7C61014487BE9D6114435C1EC340AA85A46ABBB62B89F39
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:/** . * onetrust-banner-sdk. * v6.36.0. * by OneTrust LLC. * Copyright 2022 . */.!function(){"use strict";var o=function(e,t){return(o=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var o in t)t.hasOwnProperty(o)&&(e[o]=t[o])})(e,t)};var k,e,r=function(){return(r=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function c(i,s,a,l){return new(a=a||Promise)(function(e,t){function o(e){try{r(l.next(e))}catch(e){t(e)}}function n(e){try{r(l.throw(e))}catch(e){t(e)}}function r(t){t.done?e(t.value):new a(function(e){e(t.value)}).then(o,n)}r((l=l.apply(i,s||[])).next())})}function C(o,n){var r,i,s,e,a={label:0,sent:function(){if(1&s[0])throw s[1];return s[1]},trys:[],ops:[]};return e={next:t(0),throw:t(1),return:t(2)},"function"==typeof Symbol&&(e[Symbol.iterator]=function(){return this}),e;function t(t){

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 483

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (51384), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):51385
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.293328685395304
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:IaOFhhRC5JFhLjfRysgLzQynDw5YyDMFW8KQ:IaOFnR2DRszQKaoWtQ
                                                                                                                                                                                                                                                                                                                                                                                MD5:6626C1362840EBFC8F48294E8F023E18
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4EC0DFB37C3E536C1B5EC04B68C9846FDBAF9EEF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:AABC88A6DB8B22022F96CA88E4F0A7BE426ABEF2B35169A71515A2D55246402A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B037A19B52C1047198EC7F19E99066054E454964380E2354239834260D11248E617D6759B944DDF39A25B883C8F430603D8E13097396E2DEDA9BB6905C1CD42A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"||o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 484

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60295
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.474502986194847
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:5sbcBWhomYYifa6pWClzuz6c18CQ3HoQqhF:5cqv7duz6c18CQXSF
                                                                                                                                                                                                                                                                                                                                                                                MD5:307C87905FA5D5B11953ED7F67950381
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F900B3F5518887B44E6C565AF7F6D7CCE853DDC0
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B74420758DE35D9E305C4BE91525ACE39BC3961B99841AB0624834B863B7CD01
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E0A40C1756D9E8371B3B6AF6C4FC3814874DF7D871B0894E0E9823FD7E65CDE723E627F4C4D5CD545987768E47CE820B1DE1F360352BEF52D54488853EAD2C04
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:. {. "name": "otPcCenter",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY0NlbnRlciBvdC1oaWRlIG90LWZhZGUtaW4iIGFyaWEtbW9kYWw9InRydWUiIHJvbGU9ImFsZXJ0ZGlhbG9nIiBhcmlhLWRlc2NyaWJlZGJ5PSJvdC1wYy1kZXNjIj48IS0tIENsb3NlIEJ1dHRvbiAtLT48ZGl2IGNsYXNzPSJvdC1wYy1oZWFkZXIiPjwhLS0gTG9nbyBUYWcgLS0+PGRpdiBjbGFzcz0ib3QtcGMtbG9nbyIgcm9sZT0iaW1nIiBhcmlhLWxhYmVsPSJDb21wYW55IExvZ28iPjwvZGl2PjxidXR0b24gaWQ9ImNsb3NlLXBjLWJ0bi1oYW5kbGVyIiBjbGFzcz0ib3QtY2xvc2UtaWNvbiIgYXJpYS1sYWJlbD0iQ2xvc2UiPjwvYnV0dG9uPjwvZGl2PjwhLS0gQ2xvc2UgQnV0dG9uIC0tPjxkaXYgaWQ9Im90LXBjLWNvbnRlbnQiIGNsYXNzPSJvdC1wYy1zY3JvbGxiYXIiPjxoMiBpZD0ib3QtcGMtdGl0bGUiPllvdXIgUHJpdmFjeTwvaDI+PGRpdiBpZD0ib3QtcGMtZGVzYyI+PC9kaXY+PGJ1dHRvbiBpZD0iYWNjZXB0LXJlY29tbWVuZGVkLWJ0bi1oYW5kbGVyIj5BbGxvdyBhbGw8L2J1dHRvbj48c2VjdGlvbiBjbGFzcz0ib3Qtc2RrLXJvdyBvdC1jYXQtZ3JwIj48aDMgaWQ9Im90LWNhdGVnb3J5LXRpdGxlIj5NYW5hZ2UgQ29va2llIFByZWZlcmVuY2VzPC9oMz48ZGl2IGNsYXNzPSJvdC1wbGktaGRyIj48c3BhbiBjbGFzcz0ib3QtbGktdGl0bGUiPkNvbnNlbn

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 485

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (55521)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315624
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.55175017885621
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:u/8PHQUXb7xlObP3ydDSl85W8B1AIGDv5EMXMiO8lPmPLoDmoMfgQJCQ4:u/8PHQUZl+3ydDSl85lBxGDx2CPmDo
                                                                                                                                                                                                                                                                                                                                                                                MD5:B0A0DA1F2BE22B434DDAA0F3CDD90B1D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:07D95BBDFFCA59670700BADADB8E6C446FC519CD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EA90E3273272BB393B18DE142964998D401F884E9EFBFBCCA0D021123B8A1DE1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C6B00B88EA78D73579937551EC649FF2453A5C3B5E6C72AC071914A01E69D255FDFB0797B29D5CE2FEBC5C952C51E0658ADB59634F4C91F72CB4FD2EADDE0F77
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":"false","vtp_name":"oneTrustRetrigger"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.message"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.type"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){var a=\"G-12345678\",b=window.location.hostname;\/(beta|backoffice(-uat)?)\\.ccleaner.com\/.test(b)?a=\"G-WL9M9EK1QK\":\/\\.ccleaner.com\/.test(b)\u0026\u0026(a=\"G-YG64G9XX0R\");return a})();"]},{"function":"__cid"},{"function":"__jsm","vtp_javascr

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 486

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (41169)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):41172
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.505998162296305
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:j21xCdwV69Odf9dk1fV8iWUwcb9x8cvgBhpU9yC8IEVDlbth3Ia8DdEN:iP3kr8V8vShi98Iiph3IbC
                                                                                                                                                                                                                                                                                                                                                                                MD5:0AA5002702487976D570A640C408EBA5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:48930F22A2396DF313CCDFCB91CAC20E38F2B06B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4E8276AEA0A3C7FE3600E6718C7F484D49C347C8D5763D89BE95900D526A14DA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:37A9D609DB21EE1E696CB437C02F0F6410925EB10B6353C0CDF95DB265E342F0BC3D2AE1851D209E4517D978B7CCBE8AD56F98247FA865AE405FAFD4D2E62CDA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){"use strict";function n(n,t,e){return t in n?Object.defineProperty(n,t,{value:e,enumerable:!0,configurable:!0,writable:!0}):n[t]=e,n}var t,e,r,i,o={ADVERTISING:"ADVERTISING",ANALYTICS_AND_RESEARCH:"ANALYTICS_AND_RESEARCH",FUNCTIONAL:"FUNCTIONAL"},a="GUEST",u="MEMBER",c=0,l=1,d=2,s=(n(t={},a,"li_gc"),n(t,u,"li_mc"),t),f=function vr(){var n=arguments.length>0&&arguments[0]!==undefined?arguments[0]:null,t=arguments.length>1&&arguments[1]!==undefined?arguments[1]:null,e=arguments.length>2&&arguments[2]!==undefined?arguments[2]:null,r=arguments.length>3&&arguments[3]!==undefined?arguments[3]:null;for(var i in function(n,t){if(!(n instanceof t))throw new TypeError("Cannot call a class as a function")}(this,vr),n=n||{},this.consentAvailable=!1,this.issuedAt=t,this.userMode=e,this.optedInConsentMap={},o)n[i]=n[i]||c,n[i]!==c&&(this.consentAvailable=!0),this.optedInConsentMap[i]=n[i]===l||n[i]===c&&r===l},v=(e=[o.ADVERTISING,o.ANALYTICS_AND_RESEARCH,o.FUNCTIONAL],r=[c,l,d,c],i=new R

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 487

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (21734), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):21734
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.9745767337690445
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:384:VRc7fQD98C4VGojYmCy7qGAVsq1nwGfg4xqsQMPNE:cb7J
                                                                                                                                                                                                                                                                                                                                                                                MD5:81B852E2738D915BD205E94E604ADA01
                                                                                                                                                                                                                                                                                                                                                                                SHA1:B0FCF41960EC04CA22AE72D803B2BBC8CE4B9F5B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:95950B3796AEA008402278B2354985D041CAD9714A798F808E1A9905A7BB073F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:64A03BF8B3CF817ECEA3DACAE8781CA02AB1B2C990FD638660C43EC750A7BF9E765359B44614D77ACA2565EB98584E41C8AFB7A564413C0E2169C097590ED364
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:700;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-image:url(data:image/svg+xml;base64,PHN2ZyB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB3aWR0aD0iMzQ4LjMzM3B4IiBoZWlnaHQ9IjM0OC4zMzNweCIgdmlld0JveD0iMCAwIDM0OC4zMzMgMzQ4LjMzNCIgc3R5bGU9ImVuYWJsZS1iYWNrZ3Jv

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 488

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):998
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.1900107697582225
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:Y1c3mNH7P7yFwp+ink21KC/DCSa/4VJIYc1wGPlxOAi2WAJO3:Y17RzkWNfrtRVdc1wGPPjW+y
                                                                                                                                                                                                                                                                                                                                                                                MD5:E1D954C7F755F37A2A95EF7A48090CE6
                                                                                                                                                                                                                                                                                                                                                                                SHA1:CE4631F12D7ED0D1E0DA0D2343F2A61293A4934D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:99051AB74A5A783C86DF0766250F03A3C4B8B5DDDCF78597B99F2A74BDD74833
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C87B4A5D5BE82CE7E1E3DF637F12107443E287D13B5CB9230E49EABAF619B5D5A2A2D8B1955C11B06F79E0D022C310C6B98E09EAAA44F23A5DC5BAE24298D6A1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"h.key":"KHFPC-EEZSQ-MPDZF-9BJVS-S3BCL","h.d":"arlid:733567","h.t":1732446928574,"h.cr":"31c6a6ecdd59d7f87b523f4a045020b67d1ae5c0-c4ef7263-37f3bacb","session_id":"e51da153-cf21-4320-9488-ed2e4f9238f7","site_domain":"arlid:733567","beacon_url":"//684d0d42.akstat.io/","autorun":true,"strip_query_string":true,"beacon_interval":60,"BW":{"enabled":false},"RT":{"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"Continuity":{"enabled":true},"PageParams":{"xhr":"none","pageGroups":[{"type":"Custom","parameter1":"nortonAnalytics.site_sub_section","on":["navigation"]},{"type":"Regexp","parameter1":"/inapp/","parameter2":"In App","on":["navigation"]}],"customMetrics":[],"customTimers":[],"customDimensions":[],"urlPatterns":[],"params":true},"Akamai":{"enabled":true,"mapping_xhr_base_url":"akamaihd.net","mapping_xhr_url_path":"/eum/getdns.txt","mapping_xhr_url_v4_prefix":"trial-eum-clientnsv4-s","mapping_xhr_url_v6_prefix":"trial-eum-clienttons-s"},"user_ip":"8.46.123.0"}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 489

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 132x132, components 3
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9878
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.9403680892771185
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:Q6PcNYBV4lgfBo9LAuRU8hT7ut5lmgAVABpYvhKzzAS:Q6PWYLLfOLAui8hXHGDVIS
                                                                                                                                                                                                                                                                                                                                                                                MD5:7895CB1F002CBE6FEFE3535878A3D9C3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9BEC6812D6B968CF4BBCE4CCDE8F0A969DE6BE74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B8F3F81E29101C6A7EAB759A4A681298F3DDA8A99CB2459B32C40EE658E0D720
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:7D176C21C83AC715C7BCAE0C16CC4989834F0C1CC1FED02FF2FF88B937282D27957129FFF9ED1CA66971985A2870716A68071DA2CF83522545D9657404705849
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/cafopxlb/blog-author-alex.jpg
                                                                                                                                                                                                                                                                                                                                                                                Preview:......Exif..II*.................Ducky.......U......Adobe.d.................................................................................................................................................................................................................................................!..1...AQ".a2#.q.....B3$.Rb.....r.C.%E).......................!1...AQ.".aq.2.B#......3C$.............?..s.ZMi..8.....&Q.COm...m_D..`.d2.T.R..l..<..)s(e..Q.N."X....n.KvaAM.R.<.p..9Q.Q.U(..[...'.'....a..C..8.IY.NV\!.c...AI&.#.~..K...'!..~.O$.Y.MVA"?.....YY.......%z..K...G.....4E...HH.t...V...m(:..1...A.]..E......?...@.S.......p.&...YC....]2....d...u...s.#.O!.ct;.W.......I.*1...*Q.q....6E....2.09...Q..y....S.......$]e{..iuv.s..G(.<yVD.......ci3.\.HW.B.........P.;.5)..@.B>e..q;N_ .-.e.c.%&.9TCkXB...CiY?.t.........+....V...Vfg[.S. ..2.......f)Y.+..4vV./.BcTT...8..V.'5.Ci+...Rc..!!`...G..8.8b.'..x?.m;Lu2.d..\+J.$....i......u..Y,...t.c(...6E........!.A.}V.n...........

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 490

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (5552)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):84191
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.374038726533203
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:RJeUwT76HXhpwPCHM9ZVK01QqSYTZ02LKVsdmpyKcicPXEjf:RIT7OXVs9ZVKBvYj8wKcHPG
                                                                                                                                                                                                                                                                                                                                                                                MD5:B89766C1A697179D91B09C9870A02183
                                                                                                                                                                                                                                                                                                                                                                                SHA1:4563F2628FAD371D6466102B49F64FBFDC0B819D
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5B2FEF19178344F4051DBD4736F4C9F4A774303846617CADD265D86323EA42C7
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A677115483CE6D9C1FD12CC64749B77EA4D84D46F8C0C02E7FAD1CFD98AB31C8515823432BB37EAD849B9FA08CF712677A67F81B4F7486560B15634D1B704159
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://connect.facebook.net/signals/config/2679475345708101?v=2.9.176&r=stable&domain=www.ccleaner.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
                                                                                                                                                                                                                                                                                                                                                                                Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 491

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):1114
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.2986979758304145
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:24:tx1FuXMMQuMFMer0B6guLcDTukaLM/FD/6ScJzioWXQY/ikEKn:xEMF/ml9FDgzio1Gi3M
                                                                                                                                                                                                                                                                                                                                                                                MD5:18B77A3940E43F7FF4748948FBB24F53
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E50C7C05E164F4359F000C819CCA78292DE017FD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:7EC4FA739A14763783F1292F1E0A26069399C15F5ECD6DD7466960AF30BE9967
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C32E84914710C57E0043E62E13FE3EECECAA0C0E35D79031DC634CC3B9EF834753303E3FFF3A91D492A36F75F926FDE35A6DBC55352F7A55E1B5D75B1BD6214F
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="23" height="18" viewBox="0 0 23 18" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M20.5234 4.49988V5.08685C20.5353 9.80734 17.9767 14.1562 13.8553 16.4209C9.73384 18.6855 4.70987 18.5032 0.761719 15.9457C1.15076 15.9457 1.4428 16.0432 1.83288 16.0432C3.88371 16.0699 5.87982 15.3783 7.47864 14.0873C5.56282 14.0446 3.8836 12.7885 3.29308 10.9565C3.57782 11.0371 3.87382 11.07 4.1692 11.054C4.56505 11.0365 4.95732 10.9707 5.33736 10.858C3.24884 10.4368 1.74324 8.59744 1.73484 6.45678V6.3593C2.32926 6.69299 3.00138 6.86158 3.68212 6.84774C2.43036 6.02539 1.66487 4.63364 1.63784 3.131C1.62253 2.34112 1.82465 1.56235 2.22192 0.880614C4.5063 3.74082 7.91965 5.45593 11.5672 5.57633C11.5672 5.28285 11.4702 4.89189 11.4702 4.49988C11.4984 2.02658 13.4867 0.0284809 15.9478 0.000166529C17.2094 -0.0108344 18.4149 0.523668 19.2572 1.46758C20.2523 1.27218 21.207 0.908172 22.0806 0.391127C21.7534 1.4449 21.063 2.34687 20.1334 2.93499C21.030

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 492

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2584
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.811369088836822
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:1j1F7tbZcPeBltVuZrP2OBlkE0IrQhi0IqmdtnhFZcO4XyReEUZT:1j1JcPfZrPBWiQhiaOnhPcZUq
                                                                                                                                                                                                                                                                                                                                                                                MD5:4C6F3DE823F62F41D3E6FBA169EAEDC0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:598A304E6BF43026A0893B806B11706630CE7CCB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E22085101D303DF48A273F69D17393A20D3844D7E69CFDC701E4CD2D61357722
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:82D7B8BAE72B21A280F0318EA1405F2639AA714509529B5D5FD9C9009879B435588CB6E8FD91AE03EC24B0B3818B29D3093FA054ACA77CF82599A85625DE2405
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR... ... .....szz.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............tIME......-.$I.....IDATX..kp]U...{.s..<.4iH..BiKy.C.t,.. V@."...:.V..:V.?.."PF>..H}.H..).-.R.......mBn....}.s..{..-...|.5..9..Z........u...g>..i/..k*j.q.1..m...hm.....e...V.?..:.....|b..7.bo.0.".[..E.8.Xk.ugH...cE....u)...v?...._......m.........P...T..\Y.-.....cE]X...3..0....5......&.&?...{.....T.u.W.>......%..f.]....~zY.H.m...p.3@._D.{.v..P,.&..`.%..p#.V....b....+...Y...p...........*..["@.D`C`c .F...K.8..qN$.C.&....`..$..Un...^0oe}9......... .....}OB..C...... `./&.F*S......A....1`m@...ZrE.-..-.M..'....S.l^<..w.C.c...:95+&.... ...X#v.:.....MU.....=..S...T...Kl.'{..-...X>.Q...6.b. ..k.D.YbG."tf|....@y.-'...........l...,...<5.....4..w.......D....,.bH"t'....o...bz.z.l7I;..X-..\W.$.).e.5a<.O.....l+...|.@.e.+.-..F..R....@H.,` .j}+:.!<ev=6.~.._.k.E...[*.T%.....^.m"....~...no.......K..B..H.....L.6.....&....H./y.^I......)....j..

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 493

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):25320
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.859135725488595
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:vSzVKa08CXq92rqhgDji5A1jWHdTmqJi0o:vSz0Ef92rqhQjqyyHdet
                                                                                                                                                                                                                                                                                                                                                                                MD5:8AF764F8DE1FEAA90054ECB9DDBED251
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5BD24065B0D4BCFF007CD1C9DEF1EF2FC39465AF
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:99FECA634A96A742C1FB62B5D574720933E9164D9D1BA3C617F22CA87F58FA94
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:2E9769CE9FB6714380BEB585B267A42F23483B0B40524DF364FAE425AD24938770C132DDEC668DD65E9597675625F6A0DCA9CD0830F48D91B4184618B89F23E4
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-uat.ccleaner.com/site/43khe3ys/cc-logo-inline-black-text.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="125" height="36" viewBox="0 0 125 36" fill="none" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">.<rect width="39.2628" height="35.8833" fill="url(#pattern0)"/>.<path fill-rule="evenodd" clip-rule="evenodd" d="M49.9807 25.517C49.0129 25.517 48.1206 25.3365 47.3037 24.9754C46.4867 24.6143 45.7798 24.121 45.1828 23.4956C44.5858 22.8701 44.1176 22.1318 43.7783 21.2807C43.439 20.4295 43.2693 19.5204 43.2693 18.5531V18.5145C43.2693 17.5472 43.4358 16.6413 43.7689 15.7966C44.1019 14.9519 44.5701 14.2104 45.1734 13.572C45.7766 12.9337 46.493 12.4307 47.3225 12.0632C48.152 11.6957 49.0695 11.5119 50.075 11.5119C50.6782 11.5119 51.2281 11.5635 51.7245 11.6666C52.221 11.7698 52.6766 11.9149 53.0913 12.1019C53.5061 12.2889 53.8894 12.5113 54.2413 12.7693C54.5932 13.0272 54.9263 13.3109 55.2405 13.6204L53.7511 15.3807C53.2233 14.8778 52.664 14.4715 52.0733 14.162C51.4826 13.8525 50.8102 13.6978 50.0561 13.6978C49.4277 13.6978 48.8464 13.8235 48.3123 14.07

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 494

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):69
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.057426088150192
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:YGKeMfQ2pHWiR8HopHW4OE9HsuXU9WyRHfHyY:YGKed2pHD5YEl5k9zyY
                                                                                                                                                                                                                                                                                                                                                                                MD5:B04CD3F8043EF04F417D4B0E4BCBBC03
                                                                                                                                                                                                                                                                                                                                                                                SHA1:88F259A4AE3045409B3657E7D7A791D321BA9DCE
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:59E58524340CD7AD353BE010374B124C242FDDE10A0ED41047FE2FD4BB9E5A2E
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:A285C493B939D2A165D80F87FC830F5D02AFCC7A8EA1C5CAF9CAA87ABD286F1C98598FFD83023044BDB23D344C60EEF6A6C4BFEDEDD42A4297A0AC09E22FA5B2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
                                                                                                                                                                                                                                                                                                                                                                                Preview:{"country":"US","state":"NY","stateName":"New York","continent":"NA"}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 495

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):60295
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.474502986194847
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:5sbcBWhomYYifa6pWClzuz6c18CQ3HoQqhF:5cqv7duz6c18CQXSF
                                                                                                                                                                                                                                                                                                                                                                                MD5:307C87905FA5D5B11953ED7F67950381
                                                                                                                                                                                                                                                                                                                                                                                SHA1:F900B3F5518887B44E6C565AF7F6D7CCE853DDC0
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B74420758DE35D9E305C4BE91525ACE39BC3961B99841AB0624834B863B7CD01
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E0A40C1756D9E8371B3B6AF6C4FC3814874DF7D871B0894E0E9823FD7E65CDE723E627F4C4D5CD545987768E47CE820B1DE1F360352BEF52D54488853EAD2C04
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/scripttemplates/6.36.0/assets/v2/otPcCenter.json
                                                                                                                                                                                                                                                                                                                                                                                Preview:. {. "name": "otPcCenter",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY0NlbnRlciBvdC1oaWRlIG90LWZhZGUtaW4iIGFyaWEtbW9kYWw9InRydWUiIHJvbGU9ImFsZXJ0ZGlhbG9nIiBhcmlhLWRlc2NyaWJlZGJ5PSJvdC1wYy1kZXNjIj48IS0tIENsb3NlIEJ1dHRvbiAtLT48ZGl2IGNsYXNzPSJvdC1wYy1oZWFkZXIiPjwhLS0gTG9nbyBUYWcgLS0+PGRpdiBjbGFzcz0ib3QtcGMtbG9nbyIgcm9sZT0iaW1nIiBhcmlhLWxhYmVsPSJDb21wYW55IExvZ28iPjwvZGl2PjxidXR0b24gaWQ9ImNsb3NlLXBjLWJ0bi1oYW5kbGVyIiBjbGFzcz0ib3QtY2xvc2UtaWNvbiIgYXJpYS1sYWJlbD0iQ2xvc2UiPjwvYnV0dG9uPjwvZGl2PjwhLS0gQ2xvc2UgQnV0dG9uIC0tPjxkaXYgaWQ9Im90LXBjLWNvbnRlbnQiIGNsYXNzPSJvdC1wYy1zY3JvbGxiYXIiPjxoMiBpZD0ib3QtcGMtdGl0bGUiPllvdXIgUHJpdmFjeTwvaDI+PGRpdiBpZD0ib3QtcGMtZGVzYyI+PC9kaXY+PGJ1dHRvbiBpZD0iYWNjZXB0LXJlY29tbWVuZGVkLWJ0bi1oYW5kbGVyIj5BbGxvdyBhbGw8L2J1dHRvbj48c2VjdGlvbiBjbGFzcz0ib3Qtc2RrLXJvdyBvdC1jYXQtZ3JwIj48aDMgaWQ9Im90LWNhdGVnb3J5LXRpdGxlIj5NYW5hZ2UgQ29va2llIFByZWZlcmVuY2VzPC9oMz48ZGl2IGNsYXNzPSJvdC1wbGktaGRyIj48c3BhbiBjbGFzcz0ib3QtbGktdGl0bGUiPkNvbnNlbn

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 496

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):26
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.469670487371862
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:qVZqz:qz0
                                                                                                                                                                                                                                                                                                                                                                                MD5:4E43C09312DA47F5D540BF874ECB46F7
                                                                                                                                                                                                                                                                                                                                                                                SHA1:AB25ABAE19ED156908C76D641F1449AA3F1724D5
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:6D0291F90718DC0537F65DC6A4F68D8E75F0A8A3A0B62836D9CF41350ECAF552
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B86531F838FF48C2715313D50D433C74A57B15E8B6D515B86BFB031E3C4048AC9F0DB4AC7EE143890379A4A59808EF46929811AC938EB83C1E0547E4DDA2DFAF
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://amplify.outbrain.com/topics
                                                                                                                                                                                                                                                                                                                                                                                Preview:<html><bode></body></html>

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 497

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):53
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.324196936570766
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:CU7KNpKThE/xlSle:s2Eule
                                                                                                                                                                                                                                                                                                                                                                                MD5:414BD2A5161DB03FDD910327B42C6DAA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:65D4CF50496813C5F1A34EDDD5C50DC67D44FF47
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B51F3497B0A65F1E1E87E75F5E7E823D871C23BCF76A5EE4101783C8F939E553
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:633F304A2024C3B6EBB92B3EED8059F8232C316D70FBE8EF353106C2105F7A9662D8FD935B89A5F10E09204C6886EDCE4FB1B19938123B7E057A34F2BF78FF85
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://tr.outbrain.com/unifiedPixel?au=false&bust=09954157885839694&referrer=&cht=ot&marketerId=001ac0827d67b7b38319c9517e7fa2f4cc&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.ccleaner.com%2Fknowledge%2Fccleaner-v6-30-11385%3Fcv%3Dv6-30-11385&g=1&zone=all&obApiVersion=1.1&obtpVersion=2.0.5
                                                                                                                                                                                                                                                                                                                                                                                Preview:GIF89a.............!.......,........@..D..;

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 498

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2584
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.811369088836822
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:1j1F7tbZcPeBltVuZrP2OBlkE0IrQhi0IqmdtnhFZcO4XyReEUZT:1j1JcPfZrPBWiQhiaOnhPcZUq
                                                                                                                                                                                                                                                                                                                                                                                MD5:4C6F3DE823F62F41D3E6FBA169EAEDC0
                                                                                                                                                                                                                                                                                                                                                                                SHA1:598A304E6BF43026A0893B806B11706630CE7CCB
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:E22085101D303DF48A273F69D17393A20D3844D7E69CFDC701E4CD2D61357722
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:82D7B8BAE72B21A280F0318EA1405F2639AA714509529B5D5FD9C9009879B435588CB6E8FD91AE03EC24B0B3818B29D3093FA054ACA77CF82599A85625DE2405
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://s1.pir.fm/pf/favicons--AwgCBwYOBQc/favicon-32x32.png
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR... ... .....szz.....gAMA......a.... cHRM..z&..............u0...`..:....p..Q<....bKGD..............tIME......-.$I.....IDATX..kp]U...{.s..<.4iH..BiKy.C.t,.. V@."...:.V..:V.?.."PF>..H}.H..).-.R.......mBn....}.s..{..-...|.5..9..Z........u...g>..i/..k*j.q.1..m...hm.....e...V.?..:.....|b..7.bo.0.".[..E.8.Xk.ugH...cE....u)...v?...._......m.........P...T..\Y.-.....cE]X...3..0....5......&.&?...{.....T.u.W.>......%..f.]....~zY.H.m...p.3@._D.{.v..P,.&..`.%..p#.V....b....+...Y...p...........*..["@.D`C`c .F...K.8..qN$.C.&....`..$..Un...^0oe}9......... .....}OB..C...... `./&.F*S......A....1`m@...ZrE.-..-.M..'....S.l^<..w.C.c...:95+&.... ...X#v.:.....MU.....=..S...T...Kl.'{..-...X>.Q...6.b. ..k.D.YbG."tf|....@y.-'...........l...,...<5.....4..w.......D....,.bH"t'....o...bz.z.l7I;..X-..\W.$.).e.5a<.O.....l+...|.@.e.+.-..F..R....@H.,` .j}+:.!<ev=6.~.._.k.E...[*.T%.....^.m"....~...no.......K..B..H.....L.6.....&....H./y.^I......)....j..

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 499

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:C source, ASCII text, with very long lines (65097)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):143567
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.356891815539283
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:Y6Xryf9h8RsEcEpP/dxHYxh+0Hu7l1zcgJwspJfl3dU0+ik2kQqNZVc7EWiK6cEQ:Y6XK9hMbY/+081afiqGH2jULziOzqy
                                                                                                                                                                                                                                                                                                                                                                                MD5:B1290DFC24CF0FA7FC8086F1B9DD99A3
                                                                                                                                                                                                                                                                                                                                                                                SHA1:9E3FF4C4B46853C46FB8F6BFA46939B92B1BCBB4
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B38B56CC66465707F7A28C32AAA60859276BF30D268EB6D3A90A02BFB6D74BA2
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F3FAD1E09005557FA72FC402FD3024C15350A5C30A3532989253CD4E9D1523719B7C7C6A5EE673A2B86B61519C7E3E73FEBFAD60527F9774F59EA60FEB7288B1
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://s.go-mpulse.net/boomerang/KHFPC-EEZSQ-MPDZF-9BJVS-S3BCL
                                                                                                                                                                                                                                                                                                                                                                                Preview:/*. * Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017-2022, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. */./* Boomerang Version: 1.766.60 c28975a504c1aa46de14fe358f4875ace2917401 */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window||!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)||BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{documen

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 500

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (11812)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13187
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.393291814188906
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:zbnLA5tmjHCR/UeHjXWb2pTOnstdo5CpcN0WqRObyAzJ3Nz:zbnLfjURHjXo2BtcC/Oby0J3Nz
                                                                                                                                                                                                                                                                                                                                                                                MD5:F31EB825873ADAC869D4729C192E9C39
                                                                                                                                                                                                                                                                                                                                                                                SHA1:653EA77822A384FAE27629FE72ECC8ABE28F538C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:17E35FDDCD5C236EEE53BE4CE71C9B4DA474CB64D52E43710E91B10850820547
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:55C43C1220E5C911430CDB4B63607AB65A40A88BB06BC66E5B912A6ACCDAAE8F8BCAC9833AF33C6DA7A9F6DE9586942D202EE49474BB3EBE873ABA84CEBCA2C2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:window.hjSiteSettings = window.hjSiteSettings || {"site_id":857043,"rec_value":0.0,"state_change_listen_mode":"automatic_with_fragments","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":false,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":false,"suppress_location":false,"user_attributes_enabled":false,"legal_name":"CCleaner Official Site","privacy_policy_url":"https://www.ccleaner.com/about/privacy-policy","deferred_page_contents":[],"record_targeting_rules":[],"feedback_widgets":[],"heatmaps":[],"polls":[],"integrations":{"optimizely":{"tag_recordings":false},"abtasty":{"tag_recordings":false},"kissmetrics":{"send_user_id":false},"mixpanel":{"send_events":false},"unbounce":{"tag_recordings":false},"hubspot":{"enabled":false,"send_recordings":false,"send_surveys":false}},"features":["ask.popover_redesign","client_script.compression.pc","csq_the

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 501

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:Unicode text, UTF-8 text, with very long lines (41169)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):41172
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.505998162296305
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:768:j21xCdwV69Odf9dk1fV8iWUwcb9x8cvgBhpU9yC8IEVDlbth3Ia8DdEN:iP3kr8V8vShi98Iiph3IbC
                                                                                                                                                                                                                                                                                                                                                                                MD5:0AA5002702487976D570A640C408EBA5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:48930F22A2396DF313CCDFCB91CAC20E38F2B06B
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:4E8276AEA0A3C7FE3600E6718C7F484D49C347C8D5763D89BE95900D526A14DA
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:37A9D609DB21EE1E696CB437C02F0F6410925EB10B6353C0CDF95DB265E342F0BC3D2AE1851D209E4517D978B7CCBE8AD56F98247FA865AE405FAFD4D2E62CDA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://snap.licdn.com/li.lms-analytics/insight.min.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){"use strict";function n(n,t,e){return t in n?Object.defineProperty(n,t,{value:e,enumerable:!0,configurable:!0,writable:!0}):n[t]=e,n}var t,e,r,i,o={ADVERTISING:"ADVERTISING",ANALYTICS_AND_RESEARCH:"ANALYTICS_AND_RESEARCH",FUNCTIONAL:"FUNCTIONAL"},a="GUEST",u="MEMBER",c=0,l=1,d=2,s=(n(t={},a,"li_gc"),n(t,u,"li_mc"),t),f=function vr(){var n=arguments.length>0&&arguments[0]!==undefined?arguments[0]:null,t=arguments.length>1&&arguments[1]!==undefined?arguments[1]:null,e=arguments.length>2&&arguments[2]!==undefined?arguments[2]:null,r=arguments.length>3&&arguments[3]!==undefined?arguments[3]:null;for(var i in function(n,t){if(!(n instanceof t))throw new TypeError("Cannot call a class as a function")}(this,vr),n=n||{},this.consentAvailable=!1,this.issuedAt=t,this.userMode=e,this.optedInConsentMap={},o)n[i]=n[i]||c,n[i]!==c&&(this.consentAvailable=!0),this.optedInConsentMap[i]=n[i]===l||n[i]===c&&r===l},v=(e=[o.ADVERTISING,o.ANALYTICS_AND_RESEARCH,o.FUNCTIONAL],r=[c,l,d,c],i=new R

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 502

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (64779)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):76725
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.313616145439348
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:4qz0SxVdcNANA2AZLs1tUzBnIZOL494pK:4Y0SxVdn1tUzBnsl
                                                                                                                                                                                                                                                                                                                                                                                MD5:7E8D5BE9D03916BEDE0536528EAE1CB5
                                                                                                                                                                                                                                                                                                                                                                                SHA1:8BE7E461859FB27730ED7911CA987C565A9ABAEC
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D97DF31991B134E0870FEC19CC20FF853974F3CC8E83B686E71F50E58840229A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1F81B72B20640259726BDB2B68FBA00104FFCEEC1698597636CD166A70F312504192AAE892BE49D7F09DC6DE0089C86E4DDC0B1536BE71BCE9DC03FF7AD63D9D
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://siteintercept.qualtrics.com/dxjsmodule/10.397ed61a8c9d10842d69.chunk.js?Q_CLIENTVERSION=2.19.0&Q_CLIENTTYPE=web&Q_BRANDID=www.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Preview:./*@preserve.***Version 2.19.0***.*/../*@license. * Copyright 2002 - 2018 Qualtrics, LLC.. * All rights reserved.. *. * Notice: All code, text, concepts, and other information herein (collectively, the. * "Materials") are the sole property of Qualtrics, LLC, except to the extent. * otherwise indicated. The Materials are proprietary to Qualtrics and are protected. * under all applicable laws, including copyright, patent (as applicable), trade. * secret, and contract law. Disclosure or reproduction of any Materials is strictly. * prohibited without the express prior written consent of an authorized signatory. * of Qualtrics. For disclosure requests, please contact notice@qualtrics.com.. */..try {. (window["WAFQualtricsWebpackJsonP-cloud-2.19.0"]=window["WAFQualtricsWebpackJsonP-cloud-2.19.0"]||[]).push([[10],{16:function(e,t,n){"use strict";n.d(t,"a",(function(){return i})),n.d(t,"e",(function(){return r})),n.d(t,"f",(function(){retur

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 503

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):2
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                                                                                MD5:99914B932BD37A50B983C5E7C90AE93B
                                                                                                                                                                                                                                                                                                                                                                                SHA1:BF21A9E8FBC5A3846FB05B4FA0859E0917B2202F
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:44136FA355B3678A1146AD16F7E8649E94FB4FC21FE77E8310C060F61CAAFF8A
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:27C74670ADB75075FAD058D5CEAF7B20C4E7786C83BAE8A32F626F9782AF34C9A33C2046EF60FD2A7878D378E29FEC851806BBD9A67878F3A9F1CDA4830763FD
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://wave.outbrain.com/mtWavesBundler/handler/001ac0827d67b7b38319c9517e7fa2f4cc
                                                                                                                                                                                                                                                                                                                                                                                Preview:{}

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 504

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (9217)
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):244375
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.4541358501238815
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3072:pfLeYH8AtPJ137OeR8NteqZEbkxZNsucrl0xYurPK713EN:pfLeYc+PJxH8NNfFcrHurPK713C
                                                                                                                                                                                                                                                                                                                                                                                MD5:98A1AA6D0155EA8597C93CD050CE5808
                                                                                                                                                                                                                                                                                                                                                                                SHA1:C844C1CBAA79A4F09F50E2DF3F648B8B5AA6CB5E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:527BF3DACC5EB62211130FE4BF315C682861320AB25B4AA2EFE6EA87A760DB8C
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:BB01621E0CBE1185D2167CEDB9517A29FE6537AE0E23254243DF90F36A66A0E1D91034E9A772E76C94FC1E1E969DB9082177777EC6085A752B3BCB9BC8B98BC2
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 505

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):8
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.5
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:x:x
                                                                                                                                                                                                                                                                                                                                                                                MD5:402E7A087747CB56C718BDE84651F96A
                                                                                                                                                                                                                                                                                                                                                                                SHA1:7CE01F6381463362CF6AEF2F843A59261E8F5587
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:662EFAF46C617DDBCB8FF4A2A8F64CFFD3D93630F1003F8E66511F369B87730F
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:5080D776D0B123F20E97D44472EF2343BC022105AA67FC802B71668BAEB74A81530355589D50B1142165D17EF995AEAC196B6C15136D518A1EC0ABFA13C91D10
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:Success!

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 506

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):13
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):2.7773627950641693
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:3:qVZPV:qzd
                                                                                                                                                                                                                                                                                                                                                                                MD5:C83301425B2AD1D496473A5FF3D9ECCA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:941EFB7368E46B27B937D34B07FC4D41DA01B002
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://td.doubleclick.net/td/ga/rul?tid=G-YG64G9XX0R&gacid=246986528.1732446933&gtm=45je4bk0v872524127za200zb9132702579&dma=0&gcs=G111&gcd=13t3t3t3t5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=492160558
                                                                                                                                                                                                                                                                                                                                                                                Preview:<html></html>

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 507

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65455)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):370595
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.357959393935795
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:DoafhCzhEqqpxYvc/L1uDpFcTDrgltBVJ61VW/NWKi848:cuqqpxY0gD4sGA
                                                                                                                                                                                                                                                                                                                                                                                MD5:53D714B01891BF0658E567A073B78F97
                                                                                                                                                                                                                                                                                                                                                                                SHA1:09986C8182F1FD1B1DFE917D841CEA9B8B51C005
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:00BAB1A0CA70BAE23E6E733C1B78045476A2D2688AA0C5CF26FC7EFA81CCAA0B
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:3CC182FBD3C026EEDAC9DF2A448240B26A7A84ACE4991AAB92282DC93F503BA14FEBD0BE0137E2FDF7C61014487BE9D6114435C1EC340AA85A46ABBB62B89F39
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/scripttemplates/6.36.0/otBannerSdk.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:/** . * onetrust-banner-sdk. * v6.36.0. * by OneTrust LLC. * Copyright 2022 . */.!function(){"use strict";var o=function(e,t){return(o=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var o in t)t.hasOwnProperty(o)&&(e[o]=t[o])})(e,t)};var k,e,r=function(){return(r=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function c(i,s,a,l){return new(a=a||Promise)(function(e,t){function o(e){try{r(l.next(e))}catch(e){t(e)}}function n(e){try{r(l.throw(e))}catch(e){t(e)}}function r(t){t.done?e(t.value):new a(function(e){e(t.value)}).then(o,n)}r((l=l.apply(i,s||[])).next())})}function C(o,n){var r,i,s,e,a={label:0,sent:function(){if(1&s[0])throw s[1];return s[1]},trys:[],ops:[]};return e={next:t(0),throw:t(1),return:t(2)},"function"==typeof Symbol&&(e[Symbol.iterator]=function(){return this}),e;function t(t){

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 508

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (55521)
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):315624
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.55175017885621
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:6144:u/8PHQUXb7xlObP3ydDSl85W8B1AIGDv5EMXMiO8lPmPLoDmoMfgQJCQ4:u/8PHQUZl+3ydDSl85lBxGDx2CPmDo
                                                                                                                                                                                                                                                                                                                                                                                MD5:B0A0DA1F2BE22B434DDAA0F3CDD90B1D
                                                                                                                                                                                                                                                                                                                                                                                SHA1:07D95BBDFFCA59670700BADADB8E6C446FC519CD
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:EA90E3273272BB393B18DE142964998D401F884E9EFBFBCCA0D021123B8A1DE1
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C6B00B88EA78D73579937551EC649FF2453A5C3B5E6C72AC071914A01E69D255FDFB0797B29D5CE2FEBC5C952C51E0658ADB59634F4C91F72CB4FD2EADDE0F77
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.googletagmanager.com/gtm.js?id=GTM-5HNSJRD&l=sdl
                                                                                                                                                                                                                                                                                                                                                                                Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"18",. . "macros":[{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":true,"vtp_defaultValue":"false","vtp_name":"oneTrustRetrigger"},{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.message"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.type"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){var a=\"G-12345678\",b=window.location.hostname;\/(beta|backoffice(-uat)?)\\.ccleaner.com\/.test(b)?a=\"G-WL9M9EK1QK\":\/\\.ccleaner.com\/.test(b)\u0026\u0026(a=\"G-YG64G9XX0R\");return a})();"]},{"function":"__cid"},{"function":"__jsm","vtp_javascr

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 509

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):3449
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.926074834907907
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:48:4/kVlYmUaJKKh8GUp+h/JjcRpF1KgKkKk+vq03o7zRglmwwqpSuj/aIWSNOzFBMa:ACjjJxRhhcRp/KgKWqPg1OmwlraIWvyM
                                                                                                                                                                                                                                                                                                                                                                                MD5:2762C41F3C1E53BBA80BFA292F400C57
                                                                                                                                                                                                                                                                                                                                                                                SHA1:154412F481373766508750B4BE71B06A894C454E
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:840E22A03F381F6D36CA630F17757FAEACC354FC41E9F4CBE660CCD32094E6AE
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:C6BE8A218F0007532E3AB567ADA2697530DCF2CF2E7278AF8459533FC0FD1A9BFC87B82FC55A63F6EFC44151757333BBAC57F7965E12CBDB635C527B5FB76E91
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn-production.ccleaner.com/site/dzuhtv3v/instagram.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg width="23" height="22" viewBox="0 0 23 22" fill="none" xmlns="http://www.w3.org/2000/svg">.<path fill-rule="evenodd" clip-rule="evenodd" d="M22.5859 6.49238C22.5873 5.57538 22.4211 4.66583 22.0954 3.80851C21.8538 3.06829 21.4348 2.39829 20.8749 1.85687C20.334 1.29588 19.6641 0.875568 18.9234 0.632562C18.0653 0.307156 17.1549 0.14106 16.2371 0.142447C14.6944 0.00949202 13.145 -0.0304431 11.5974 0.0228589C10.0919 -0.0278038 8.5848 0.0127868 7.08426 0.144408C6.16643 0.14302 5.25606 0.309117 4.39796 0.634523C3.65576 0.874974 2.98376 1.29329 2.44063 1.85295C1.88029 2.39426 1.46094 3.06427 1.21913 3.80459C0.893633 4.66327 0.728044 5.57418 0.730537 6.49238C0.595797 7.99139 0.555165 9.49736 0.608879 11.0014C0.55817 12.5055 0.598797 14.0113 0.730537 15.5105C0.729149 16.4275 0.895396 17.337 1.2211 18.1944C1.46262 18.9346 1.88163 19.6046 2.44161 20.146C2.98352 20.7055 3.65413 21.1241 4.39501 21.3654C5.25312 21.6908 6.16348 21.8569 7.08132 21.8555C8.58186 21.9872 10.089 22.0277 11.5945 21.977

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 511

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (58876), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):58876
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.405683338218142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:buY9NdAkLYPFvFkxF94zPnSJpSFDKNo5/H:buQdApFoF94zPnSJpSFDP5/H
                                                                                                                                                                                                                                                                                                                                                                                MD5:4328E910DE583AD53B3A7A76455AF005
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E040010E5EF4121A3A163AACDC664D6AA4AFEC74
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:D4963B8AFEBFA0063B5D17B4C80F49BCE702A37EA5C9B91BB3C996BB9DEA4B60
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:F807BA8B0AE2D5387E93E292918EEB4D7D1AC7635566A38EE2E101FBE8A7C6C23E704770EFCB1401EB5D1385605CBFB15F0A840AC150770049D2A4D6CA9A0DFA
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://static.ads-twitter.com/uwt.js
                                                                                                                                                                                                                                                                                                                                                                                Preview:!function(){var t={6173:function(t,e,n){var r;t.exports=(r=r||function(t,e){var r;if("undefined"!=typeof window&&window.crypto&&(r=window.crypto),"undefined"!=typeof self&&self.crypto&&(r=self.crypto),"undefined"!=typeof globalThis&&globalThis.crypto&&(r=globalThis.crypto),!r&&"undefined"!=typeof window&&window.msCrypto&&(r=window.msCrypto),!r&&void 0!==n.g&&n.g.crypto&&(r=n.g.crypto),!r)try{r=n(2480)}catch(t){}var i=function(){if(r){if("function"==typeof r.getRandomValues)try{return r.getRandomValues(new Uint32Array(1))[0]}catch(t){}if("function"==typeof r.randomBytes)try{return r.randomBytes(4).readInt32LE()}catch(t){}}throw new Error("Native crypto module could not be used to get secure random number.")},o=Object.create||function(){function t(){}return function(e){var n;return t.prototype=e,n=new t,t.prototype=null,n}}(),a={},c=a.lib={},u=c.Base={extend:function(t){var e=o(this);return t&&e.mixIn(t),e.hasOwnProperty("init")&&this.init!==e.init||(e.init=function(){e.$super.init.apply

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 512

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):123729
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.265922715765138
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:/BHi77oJ1xEPg2FuN/couhglkqKg8/Ev01L3Inhxrmc9NyB+01b50:/BwUwPxA/pETqx6Es1LInfrmc9+h9O
                                                                                                                                                                                                                                                                                                                                                                                MD5:8FDEF0C1E8850D0C97DDA608F0BF891C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3A35526C86D5ECA2CC1CA5BFE47D4F00A7F0EF30
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0830994C5C05693539A9D8BCD3649A3B5F2AAC58A9845D16F495BD53C5811F80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E8120C3B85C8E7FEC25589A98F0C00A54B77840717B842B7E9AC78B6B3CEE180C57F7471BC2A30A3AC97E7BF8878432E1A39F9F15FF5DED436C7EA1DD5EC2310
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:var Vue=function(o){"use strict";function e(e,t){const n=Object.create(null),o=e.split(",");for(let e=0;e<o.length;e++)n[o[e]]=!0;return t?e=>!!n[e.toLowerCase()]:e=>!!n[e]}const n=e("Infinity,undefined,NaN,isFinite,isNaN,parseFloat,parseInt,decodeURI,decodeURIComponent,encodeURI,encodeURIComponent,Math,Number,Date,Array,Object,Boolean,String,RegExp,Map,Set,JSON,Intl,BigInt"),d=e("itemscope,allowfullscreen,formnovalidate,ismap,nomodule,novalidate,readonly");function h(e){return!!e||""===e}function l(t){if(J(t)){const r={};for(let e=0;e<t.length;e++){var n=t[e],o=($(n)?s:l)(n);if(o)for(const t in o)r[t]=o[t]}return r}return $(t)||Z(t)?t:void 0}const t=/;(?![^(]*\))/g,r=/:(.+)/;function s(e){const n={};return e.split(t).forEach(e=>{if(e){const t=e.split(r);1<t.length&&(n[t[0].trim()]=t[1].trim())}}),n}function c(t){let n="";if($(t))n=t;else if(J(t))for(let e=0;e<t.length;e++){var o=c(t[e]);o&&(n+=o+" ")}else if(Z(t))for(const e in t)t[e]&&(n+=e+" ");return n.trim()}const i=e("html,body,b

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 513

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:PNG image data, 76 x 62, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):4922
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.954251681986302
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:HSCfkqa4GD/qXHzHPScjMXPiIhVafV6tnkHBIrvhqvUl7iUFahjVgeV+t0OZ9sx1:HSYOPDqHzHPVGqIvafwSHujAoOUFaYeL
                                                                                                                                                                                                                                                                                                                                                                                MD5:D42DDB89DC000BFC6BB752E25D9E5BEA
                                                                                                                                                                                                                                                                                                                                                                                SHA1:716579BF2DBAA96F0BFB5CB0FF730E007F112539
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0625658ED9F7032B0BEFA68A51A0C6675A0E26451D86017CC4AE1AE20DA0F21D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:B7212D1DA761DC85516469D42CB06893C6742C1DE01F81A1887C49BD808134F23DACE4D6254D8B7D47463E6D7DD9EB9679CDC8D70B49611240073C80FCB2440B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:.PNG........IHDR...L...>......}......pHYs.................sRGB.........gAMA......a.....IDATx..\.p..y....l..)....@mb.....n..@...eZ....d...4..4.iCh..i...43.LJ...S^1`Zl\...~.lYo.JW.w.{..9g_.!].>2.=G.{..y|...^.?.Y..G@-.{b..g....y....F..a....>.iZ.4.I...lm....}.....@....~7.F&rcN.}..3.fd.m...h..6. .0....d..T........|.n...`..cF.2Y.BxH..a.aI.7..?L.qnO..CT....s...F..`..{r.}..[`.K...[..n...,*.LN.....y....N.A.f.f.Oj.*l.!.(.i.....0.6h..H<k.q.`u........v.A....$.{X.........D...W.y..J..?...W....Y....H.-..4&..@k.`..4-2.#.A...L....4....x......R.(8.~$.....<iH...Mt....t..?.J.~..+@.sU.L..C...f..zU...O:..`C...c(....`...jH+. .~.....GM..*p..o.9.b....9..wO].....{.=.IcX..b.. {".<...o..By..H....7...K..G..@b...+..X..*..j)..INO..B......i.......q....=t.......u.==.....|l.2.....`..H....;..)...8.E.K......5p..w...Sh<..9..;..u...$qi ....$.]..%.8t|.O>{.u.0.-.....0,O.....w...0..I.Bqy..._....b..4(,\YHq.\%d.....;..z..n.O.'D/...>..e...k......b....q>_0y4k.h...%...n...._.zU.}....M.

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 514

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:JSON data
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):9507
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.3592270038592424
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:192:ebkfPUyAQgtNBIWguxw68uCItctpwfTh3fYwuoOE5YBTi+1POyj/0Pp5b5LfvEf0:PSN9cO51r
                                                                                                                                                                                                                                                                                                                                                                                MD5:4D67D7FCE83E8D073C84E4D5B5936E71
                                                                                                                                                                                                                                                                                                                                                                                SHA1:E02711957EA1C637BE41485526C65E4B56C55FD3
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:1DA25CF82F065474AADCE40A8C7369F6DF48E1847CB95C21BD9083488EFF7390
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:1E9D7565BEF92D1C2DA126245D6392176D29A4BE7F1B4623FB367B4C345AA5381EB9022ECD3317CC946B48E2AF89073C80EDCEE0FC121073C88643B191D8E4D0
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:. {. "name": "otCenterRounded",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90Q2VudGVyUm91bmRlZCI+PGRpdiBjbGFzcz0ib3Qtc2RrLWNvbnRhaW5lciIgcm9sZT0iYWxlcnRkaWFsb2ciIGFyaWEtZGVzY3JpYmVkYnk9Im9uZXRydXN0LXBvbGljeS10ZXh0Ij48ZGl2IGNsYXNzPSJvdC1zZGstcm93Ij48ZGl2IGlkPSJvbmV0cnVzdC1ncm91cC1jb250YWluZXIiIGNsYXNzPSJvdC1zZGstdHdlbHZlIG90LXNkay1jb2x1bW5zIj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3kiPjxkaXYgY2xhc3M9ImJhbm5lci1oZWFkZXIiPjxkaXYgY2xhc3M9ImJhbm5lcl9sb2dvIj48L2Rpdj48L2Rpdj48aDIgaWQ9Im9uZXRydXN0LXBvbGljeS10aXRsZSI+VGl0bGU8L2gyPjxwIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGV4dDxhIGhyZWY9IiMiPnBvbGljeTwvYT48L3A+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+PC9wPjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgaWQ9ImJhbm5lci1vcHRpb25zIj48ZGl2IGNsYXNzPSJiYW5uZXItb3B0aW9uIj48YnV0dG9uIGFyaWEtZXhwYW5kZWQ9ImZhbHNlIiBjbGFzcz0iYmFubmVyLW9wdGlvbi1pbnB1dCI+PHNwYW4gY2xhc3M9ImJhb

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 515

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):5194
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):3.976628767895142
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:96:mD6VAMcWnVRSNUrN3Sky4gNeLSYiJ7iFsAkl2+heNm7iprXbep5DkoG23b+WYYY:p9bSNURZyNNnRJqsAehheImprmDkozYV
                                                                                                                                                                                                                                                                                                                                                                                MD5:63E737D3544164D2B7F4FBCA416AC807
                                                                                                                                                                                                                                                                                                                                                                                SHA1:030370AA38715E4C41589633F69D0BFE8255D46C
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
                                                                                                                                                                                                                                                                                                                                                                                Preview:<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

                                                                                                                                                                                                                                                                                                                                                                                Chrome Cache Entry: 516

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with very long lines (65536), with no line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:downloaded
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):123729
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):5.265922715765138
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1536:/BHi77oJ1xEPg2FuN/couhglkqKg8/Ev01L3Inhxrmc9NyB+01b50:/BwUwPxA/pETqx6Es1LInfrmc9+h9O
                                                                                                                                                                                                                                                                                                                                                                                MD5:8FDEF0C1E8850D0C97DDA608F0BF891C
                                                                                                                                                                                                                                                                                                                                                                                SHA1:3A35526C86D5ECA2CC1CA5BFE47D4F00A7F0EF30
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:0830994C5C05693539A9D8BCD3649A3B5F2AAC58A9845D16F495BD53C5811F80
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:E8120C3B85C8E7FEC25589A98F0C00A54B77840717B842B7E9AC78B6B3CEE180C57F7471BC2A30A3AC97E7BF8878432E1A39F9F15FF5DED436C7EA1DD5EC2310
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                URL:https://www.ccleaner.com/scripts/vendor/vue.global.prod.min-3.2.21.js?v=1.0.123
                                                                                                                                                                                                                                                                                                                                                                                Preview:var Vue=function(o){"use strict";function e(e,t){const n=Object.create(null),o=e.split(",");for(let e=0;e<o.length;e++)n[o[e]]=!0;return t?e=>!!n[e.toLowerCase()]:e=>!!n[e]}const n=e("Infinity,undefined,NaN,isFinite,isNaN,parseFloat,parseInt,decodeURI,decodeURIComponent,encodeURI,encodeURIComponent,Math,Number,Date,Array,Object,Boolean,String,RegExp,Map,Set,JSON,Intl,BigInt"),d=e("itemscope,allowfullscreen,formnovalidate,ismap,nomodule,novalidate,readonly");function h(e){return!!e||""===e}function l(t){if(J(t)){const r={};for(let e=0;e<t.length;e++){var n=t[e],o=($(n)?s:l)(n);if(o)for(const t in o)r[t]=o[t]}return r}return $(t)||Z(t)?t:void 0}const t=/;(?![^(]*\))/g,r=/:(.+)/;function s(e){const n={};return e.split(t).forEach(e=>{if(e){const t=e.split(r);1<t.length&&(n[t[0].trim()]=t[1].trim())}}),n}function c(t){let n="";if($(t))n=t;else if(J(t))for(let e=0;e<t.length;e++){var o=c(t[e]);o&&(n+=o+" ")}else if(Z(t))for(const e in t)t[e]&&(n+=e+" ");return n.trim()}const i=e("html,body,b

                                                                                                                                                                                                                                                                                                                                                                                \Device\ConDrv

                                                                                                                                                                                                                                                                                                                                                                                Download File
                                                                                                                                                                                                                                                                                                                                                                                Process:C:\Program Files\CCleaner\CCleanerCrashDump.exe
                                                                                                                                                                                                                                                                                                                                                                                File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                                                                                Category:dropped
                                                                                                                                                                                                                                                                                                                                                                                Size (bytes):617
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):4.640609359747979
                                                                                                                                                                                                                                                                                                                                                                                Encrypted:false
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:12:o5y6UHYDZgVy6p2+AYDjBLfq/Ftjy6U7iYDBbR3Hi3y6U7iYDrI:o5M5VVvhq/FtjM7dC3M79I
                                                                                                                                                                                                                                                                                                                                                                                MD5:3048838AA89F1720F2C2E73EF7237220
                                                                                                                                                                                                                                                                                                                                                                                SHA1:5A9B1D969F9C54F64DD78E874DDC49D036128E1A
                                                                                                                                                                                                                                                                                                                                                                                SHA-256:BDFF57D013F40CC95FD886CDA58100234C343220CE7E944770FDC1F3C37EF225
                                                                                                                                                                                                                                                                                                                                                                                SHA-512:CB432EBAD5CAAAEE215405828BB22FB18BC2794DA5E5D78C63457F3937B0559702E75FEBE3C60B7AF6BA03BB5A695BF7BD715867320D013131B24680A039474A
                                                                                                                                                                                                                                                                                                                                                                                Malicious:false
                                                                                                                                                                                                                                                                                                                                                                                Reputation:unknown
                                                                                                                                                                                                                                                                                                                                                                                Preview:[2024-11-24 11:15:56.494] [info ] [dump ] [ 4416: 7064] [BA3DC1: 185] Dumpmaster is arming...[2024-11-24 11:15:56.494] [notice ] [dump ] [ 4416: 7064] [BA3DC1: 239] Minimum interval between dumps (60 minutes) was not yet reached as last dump was created 1 minutes ago. No dump was created...[2024-11-24 11:15:56.494] [info ] [log_module ] [ 4416: 7064] [85DA1B: 31] LogModule is going to be destroyed...[2024-11-24 11:15:56.494] [info ] [log_module ] [ 4416: 7064] [85DA1B: 32] =====================================================================================================================..

                                                                                                                                                                                                                                                                                                                                                                                Static File Info

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                                                                                                                Entropy (8bit):7.999986324072468
                                                                                                                                                                                                                                                                                                                                                                                TrID:
                                                                                                                                                                                                                                                                                                                                                                                • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                                                                                                                • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                                                                                                                • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                                                                                                                • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                                                                                                                File name:lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                File size:86'349'752 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5:d12d2a0f8909a768683f6c548205e955
                                                                                                                                                                                                                                                                                                                                                                                SHA1:2fccbec13bc847741b7cdd85cbdd560af59d96e1
                                                                                                                                                                                                                                                                                                                                                                                SHA256:5c48490b288fbb3b9d7b17aebc15b0f76edc4339029cadf91b28113111c2b20b
                                                                                                                                                                                                                                                                                                                                                                                SHA512:18fe911c0983dbfade6cf6227d9c8df9450e37282f0d07e67b3001f2e9e088a0f15de3b5e06bfc8446f657ca73443e2f45886cb0bf51f196d5a1ac0f931213ce
                                                                                                                                                                                                                                                                                                                                                                                SSDEEP:1572864:hinrq1x/6ILJGNzszAIytgiYdIootePh6+6GxMblmFHOZF4LZh:hiryxvoky85oQPb6EMblNZF4LZh
                                                                                                                                                                                                                                                                                                                                                                                TLSH:E318333B4BF5D3ABEA91DD72930D09258F2A5E4A77C49A5257B793387D63F06E030022
                                                                                                                                                                                                                                                                                                                                                                                File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...Pf..Pf..Pf.*_9..Pf..Pg.LPf.*_;..Pf..sV..Pf..V`..Pf.Rich.Pf.........................PE..L.....Oa.................h.......@.

                                                                                                                                                                                                                                                                                                                                                                                File Icon

                                                                                                                                                                                                                                                                                                                                                                                Icon Hash:29226ee6b692c62f

                                                                                                                                                                                                                                                                                                                                                                                Static PE Info

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Entrypoint:0x403640
                                                                                                                                                                                                                                                                                                                                                                                Entrypoint Section:.text
                                                                                                                                                                                                                                                                                                                                                                                Digitally signed:true
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                                                Subsystem:windows gui
                                                                                                                                                                                                                                                                                                                                                                                Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
                                                                                                                                                                                                                                                                                                                                                                                DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                                                                                                                                                                                                                                                                Time Stamp:0x614F9D02 [Sat Sep 25 22:04:50 2021 UTC]
                                                                                                                                                                                                                                                                                                                                                                                TLS Callbacks:
                                                                                                                                                                                                                                                                                                                                                                                CLR (.Net) Version:
                                                                                                                                                                                                                                                                                                                                                                                OS Version Major:4
                                                                                                                                                                                                                                                                                                                                                                                OS Version Minor:0
                                                                                                                                                                                                                                                                                                                                                                                File Version Major:4
                                                                                                                                                                                                                                                                                                                                                                                File Version Minor:0
                                                                                                                                                                                                                                                                                                                                                                                Subsystem Version Major:4
                                                                                                                                                                                                                                                                                                                                                                                Subsystem Version Minor:0
                                                                                                                                                                                                                                                                                                                                                                                Import Hash:61259b55b8912888e90f516ca08dc514

                                                                                                                                                                                                                                                                                                                                                                                Authenticode Signature

                                                                                                                                                                                                                                                                                                                                                                                Signature Valid:true
                                                                                                                                                                                                                                                                                                                                                                                Signature Issuer:CN=GlobalSign GCC R45 EV CodeSigning CA 2020, O=GlobalSign nv-sa, C=BE
                                                                                                                                                                                                                                                                                                                                                                                Signature Validation Error:The operation completed successfully
                                                                                                                                                                                                                                                                                                                                                                                Error Number:0
                                                                                                                                                                                                                                                                                                                                                                                Not Before, Not After
                                                                                                                                                                                                                                                                                                                                                                                • 11/03/2024 03:54:22 12/03/2025 03:54:22
                                                                                                                                                                                                                                                                                                                                                                                Subject Chain
                                                                                                                                                                                                                                                                                                                                                                                • CN="Nine Rivers Sky Roar Commit Trade Co., Ltd.", O="Nine Rivers Sky Roar Commit Trade Co., Ltd.", L=Jiujiang, S=Jiangxi, C=CN, OID.1.3.6.1.4.1.311.60.2.1.1=Jiujiang, OID.1.3.6.1.4.1.311.60.2.1.2=Jiangxi, OID.1.3.6.1.4.1.311.60.2.1.3=CN, SERIALNUMBER=91360402MACHADCC93, OID.2.5.4.15=Private Organization
                                                                                                                                                                                                                                                                                                                                                                                Version:3
                                                                                                                                                                                                                                                                                                                                                                                Thumbprint MD5:4E0565C4F6C07E840699BFFCEE8DD860
                                                                                                                                                                                                                                                                                                                                                                                Thumbprint SHA-1:2DAE7C97B1CE082B6FA5B6CC0786BAD87AFEF563
                                                                                                                                                                                                                                                                                                                                                                                Thumbprint SHA-256:79B622C069BAB2F8C1A6D838E61F062D8486C32D469980AF9BF7BC2E0DF9062F
                                                                                                                                                                                                                                                                                                                                                                                Serial:01F61D5311CEDD61DEE28CAA

                                                                                                                                                                                                                                                                                                                                                                                Entrypoint Preview

                                                                                                                                                                                                                                                                                                                                                                                Instruction
                                                                                                                                                                                                                                                                                                                                                                                push ebp
                                                                                                                                                                                                                                                                                                                                                                                mov ebp, esp
                                                                                                                                                                                                                                                                                                                                                                                sub esp, 000003F4h
                                                                                                                                                                                                                                                                                                                                                                                push ebx
                                                                                                                                                                                                                                                                                                                                                                                push esi
                                                                                                                                                                                                                                                                                                                                                                                push edi
                                                                                                                                                                                                                                                                                                                                                                                push 00000020h
                                                                                                                                                                                                                                                                                                                                                                                pop edi
                                                                                                                                                                                                                                                                                                                                                                                xor ebx, ebx
                                                                                                                                                                                                                                                                                                                                                                                push 00008001h
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-14h], ebx
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-04h], 0040A230h
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-10h], ebx
                                                                                                                                                                                                                                                                                                                                                                                call dword ptr [004080C8h]
                                                                                                                                                                                                                                                                                                                                                                                mov esi, dword ptr [004080CCh]
                                                                                                                                                                                                                                                                                                                                                                                lea eax, dword ptr [ebp-00000140h]
                                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-0000012Ch], ebx
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-2Ch], ebx
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-28h], ebx
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000140h], 0000011Ch
                                                                                                                                                                                                                                                                                                                                                                                call esi
                                                                                                                                                                                                                                                                                                                                                                                test eax, eax
                                                                                                                                                                                                                                                                                                                                                                                jne 00007F23B4C1658Ah
                                                                                                                                                                                                                                                                                                                                                                                lea eax, dword ptr [ebp-00000140h]
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [ebp-00000140h], 00000114h
                                                                                                                                                                                                                                                                                                                                                                                push eax
                                                                                                                                                                                                                                                                                                                                                                                call esi
                                                                                                                                                                                                                                                                                                                                                                                mov ax, word ptr [ebp-0000012Ch]
                                                                                                                                                                                                                                                                                                                                                                                mov ecx, dword ptr [ebp-00000112h]
                                                                                                                                                                                                                                                                                                                                                                                sub ax, 00000053h
                                                                                                                                                                                                                                                                                                                                                                                add ecx, FFFFFFD0h
                                                                                                                                                                                                                                                                                                                                                                                neg ax
                                                                                                                                                                                                                                                                                                                                                                                sbb eax, eax
                                                                                                                                                                                                                                                                                                                                                                                mov byte ptr [ebp-26h], 00000004h
                                                                                                                                                                                                                                                                                                                                                                                not eax
                                                                                                                                                                                                                                                                                                                                                                                and eax, ecx
                                                                                                                                                                                                                                                                                                                                                                                mov word ptr [ebp-2Ch], ax
                                                                                                                                                                                                                                                                                                                                                                                cmp dword ptr [ebp-0000013Ch], 0Ah
                                                                                                                                                                                                                                                                                                                                                                                jnc 00007F23B4C1655Ah
                                                                                                                                                                                                                                                                                                                                                                                and word ptr [ebp-00000132h], 0000h
                                                                                                                                                                                                                                                                                                                                                                                mov eax, dword ptr [ebp-00000134h]
                                                                                                                                                                                                                                                                                                                                                                                movzx ecx, byte ptr [ebp-00000138h]
                                                                                                                                                                                                                                                                                                                                                                                mov dword ptr [00470318h], eax
                                                                                                                                                                                                                                                                                                                                                                                xor eax, eax
                                                                                                                                                                                                                                                                                                                                                                                mov ah, byte ptr [ebp-0000013Ch]
                                                                                                                                                                                                                                                                                                                                                                                movzx eax, ax
                                                                                                                                                                                                                                                                                                                                                                                or eax, ecx
                                                                                                                                                                                                                                                                                                                                                                                xor ecx, ecx
                                                                                                                                                                                                                                                                                                                                                                                mov ch, byte ptr [ebp-2Ch]
                                                                                                                                                                                                                                                                                                                                                                                movzx ecx, cx
                                                                                                                                                                                                                                                                                                                                                                                shl eax, 10h
                                                                                                                                                                                                                                                                                                                                                                                or eax, ecx

                                                                                                                                                                                                                                                                                                                                                                                Rich Headers

                                                                                                                                                                                                                                                                                                                                                                                Programming Language:
                                                                                                                                                                                                                                                                                                                                                                                • [EXP] VC++ 6.0 SP5 build 8804

                                                                                                                                                                                                                                                                                                                                                                                Data Directories

                                                                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IMPORT0x85040xa0.rdata
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESOURCE0x4110000x8a98.rsrc
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_SECURITY0x5256e880x2930
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DEBUG0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_IAT0x80000x2b0.rdata
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                                                                                                                                                                                                                IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                                                                                                                                                                                                                Sections

                                                                                                                                                                                                                                                                                                                                                                                NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                                                                                                                                                                                                                .text0x10000x66760x6800d01cd60c08ad4410541807ebc6d4a26fFalse0.6570763221153846data6.415810447422783IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                                .rdata0x80000x139a0x14008c5edfd8ff9cc0135e197611be38ca18False0.4498046875data5.141066817170598IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                                                                                                                                                                                                                .data0xa0000x663780x600c7e50177934aec2fcddfd0aceaf14b43False0.5091145833333334data4.106448979512574IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                                                .ndata0x710000x3a00000x0d41d8cd98f00b204e9800998ecf8427eunknownunknownunknownunknownIMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                                                                                                                                                                                                                .rsrc0x4110000x8a980x8c0018fdce67c4611f4d4aae96d1f79bc8b5False0.342578125data4.901315017663617IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                                                                                                                                                                                                                                                                Resources

                                                                                                                                                                                                                                                                                                                                                                                NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x4119600x25a8Device independent bitmap graphic, 48 x 96 x 32, image size 9600EnglishUnited States0.4141078838174274
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x413f080x10a8Device independent bitmap graphic, 32 x 64 x 32, image size 4224EnglishUnited States0.6683864915572233
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x414fb00x8a8Device independent bitmap graphic, 32 x 64 x 8, image size 1024, 256 important colorsEnglishUnited States0.5455776173285198
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x4158580x568Device independent bitmap graphic, 16 x 32 x 8, image size 256, 256 important colorsEnglishUnited States0.5780346820809249
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x415dc00x468Device independent bitmap graphic, 16 x 32 x 32, image size 1088EnglishUnited States0.8182624113475178
                                                                                                                                                                                                                                                                                                                                                                                RT_ICON0x4162280x2e8Device independent bitmap graphic, 32 x 64 x 4, image size 512EnglishUnited States0.5067204301075269
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4165100x250dataEnglishUnited States0.40709459459459457
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4167600x158dataEnglishUnited States0.5116279069767442
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4168b80xa0dataEnglishUnited States0.60625
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4169580xeedataEnglishUnited States0.6260504201680672
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x416a480x250dataEnglishUnited States0.4189189189189189
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x416c980x158dataEnglishUnited States0.5348837209302325
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x416df00xa0dataEnglishUnited States0.68125
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x416e900xeedataEnglishUnited States0.6512605042016807
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x416f800x250dataEnglishUnited States0.4189189189189189
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4171d00x158dataEnglishUnited States0.5348837209302325
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4173280xa0dataEnglishUnited States0.68125
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4173c80xeedataEnglishUnited States0.6512605042016807
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4174b80x248dataEnglishUnited States0.4075342465753425
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4177000x150dataEnglishUnited States0.5386904761904762
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4178500x98dataEnglishUnited States0.625
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4178e80xe6dataEnglishUnited States0.6565217391304348
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4179d00x240dataEnglishUnited States0.40625
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x417c100x148dataEnglishUnited States0.524390243902439
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x417d580x90dataEnglishUnited States0.6041666666666666
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x417de80xdedataEnglishUnited States0.6486486486486487
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x417ec80x23cdataEnglishUnited States0.3968531468531469
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4181080x144dataEnglishUnited States0.5123456790123457
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4182500x8cdataEnglishUnited States0.5857142857142857
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4182e00xdadataEnglishUnited States0.6376146788990825
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4183c00x23cdataEnglishUnited States0.3968531468531469
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4186000x144dataEnglishUnited States0.5185185185185185
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4187480x8cdataEnglishUnited States0.5928571428571429
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4187d80xdadataEnglishUnited States0.6422018348623854
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4188b80x250dataEnglishUnited States0.4189189189189189
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x418b080x158dataEnglishUnited States0.5348837209302325
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x418c600xa0dataEnglishUnited States0.68125
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x418d000xeedataEnglishUnited States0.6512605042016807
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x418df00x250dataEnglishUnited States0.4189189189189189
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4190400x158dataEnglishUnited States0.5348837209302325
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4191980xa0dataEnglishUnited States0.68125
                                                                                                                                                                                                                                                                                                                                                                                RT_DIALOG0x4192380xeedataEnglishUnited States0.6512605042016807
                                                                                                                                                                                                                                                                                                                                                                                RT_RCDATA0x4193280x15ASCII text, with no line terminatorsEnglishUnited States1.380952380952381
                                                                                                                                                                                                                                                                                                                                                                                RT_GROUP_ICON0x4193400x5adataEnglishUnited States0.7222222222222222
                                                                                                                                                                                                                                                                                                                                                                                RT_VERSION0x4193a00x2c4dataEnglishUnited States0.4971751412429379
                                                                                                                                                                                                                                                                                                                                                                                RT_MANIFEST0x4196680x42eXML 1.0 document, ASCII text, with very long lines (1070), with no line terminatorsEnglishUnited States0.5130841121495328

                                                                                                                                                                                                                                                                                                                                                                                Imports

                                                                                                                                                                                                                                                                                                                                                                                DLLImport
                                                                                                                                                                                                                                                                                                                                                                                ADVAPI32.dllRegCreateKeyExW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetFileSecurityW, RegOpenKeyExW, RegEnumValueW
                                                                                                                                                                                                                                                                                                                                                                                SHELL32.dllSHGetSpecialFolderLocation, SHFileOperationW, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetFileInfoW
                                                                                                                                                                                                                                                                                                                                                                                ole32.dllOleInitialize, OleUninitialize, CoCreateInstance, IIDFromString, CoTaskMemFree
                                                                                                                                                                                                                                                                                                                                                                                COMCTL32.dllImageList_Create, ImageList_Destroy, ImageList_AddMasked
                                                                                                                                                                                                                                                                                                                                                                                USER32.dllGetClientRect, EndPaint, DrawTextW, IsWindowEnabled, DispatchMessageW, wsprintfA, CharNextA, CharPrevW, MessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, GetSystemMetrics, FillRect, AppendMenuW, TrackPopupMenu, OpenClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, PeekMessageW, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, EmptyClipboard, CreatePopupMenu
                                                                                                                                                                                                                                                                                                                                                                                GDI32.dllSetBkMode, SetBkColor, GetDeviceCaps, CreateFontIndirectW, CreateBrushIndirect, DeleteObject, SetTextColor, SelectObject
                                                                                                                                                                                                                                                                                                                                                                                KERNEL32.dllGetExitCodeProcess, WaitForSingleObject, GetModuleHandleA, GetProcAddress, GetSystemDirectoryW, lstrcatW, Sleep, lstrcpyA, WriteFile, GetTempFileNameW, lstrcmpiA, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, SetEnvironmentVariableW, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, CreateFileW, GetTickCount, MulDiv, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, MoveFileExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW

                                                                                                                                                                                                                                                                                                                                                                                Possible Origin

                                                                                                                                                                                                                                                                                                                                                                                Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                                                                                                                                                                                                                EnglishUnited States

                                                                                                                                                                                                                                                                                                                                                                                Network Behavior

                                                                                                                                                                                                                                                                                                                                                                                Suricata IDS Alerts

                                                                                                                                                                                                                                                                                                                                                                                TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:20.493543+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54970834.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:23.800355+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54971234.111.24.1443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:33.600633+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54973734.160.176.28443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:34.897637+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54974334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:36.684728+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54974734.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:44.015240+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54976534.160.176.28443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:52.290002+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54978334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:52.821698+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54978434.111.175.102443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:53.956588+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54979034.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:54.070461+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54979234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:55.758801+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54979834.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:14:57.727533+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54980335.190.209.22443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:00.634198+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54981035.190.209.22443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:01.631150+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54981634.111.175.102443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:02.543479+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54982534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:05.550153+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54984034.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:07.705146+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54984934.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:07.747449+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54985134.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:09.548315+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54986234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:09.601618+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54986334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:11.276399+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54987234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:11.774500+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54987634.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:13.299940+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54989434.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:13.558684+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54989534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:15.772878+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54990934.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:17.553957+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54991834.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:17.672534+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54991934.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:19.236656+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54993534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:19.397979+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54993634.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:21.009558+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54995134.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:21.622050+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54995334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:24.226088+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54996534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:26.228074+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54998134.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.097517+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54998634.111.175.102443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.103609+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.54999834.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.864202+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55001334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.900917+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54999634.160.176.28443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.961162+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54999334.111.24.1443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:27.964605+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54999434.111.24.1443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:28.010062+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55001434.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:28.043288+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.54999534.111.175.102443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:29.126656+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.55001734.160.176.28443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:29.328141+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.55001634.111.175.102443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:29.673355+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55002334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:29.811644+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55002434.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:30.634205+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55002634.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:32.175183+01002022112ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 20151192.168.2.550032104.244.42.195443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:32.343934+01002022112ET EXPLOIT_KIT Possible Nuclear EK Landing Nov 17 20151192.168.2.550029172.66.0.227443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:32.414000+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55003334.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:32.923527+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55004234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:33.142879+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55004434.149.202.126443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:33.919580+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55004534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:34.888279+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55005234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:35.553981+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55006034.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:35.554188+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55006234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:36.083309+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55006434.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:37.394042+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55007934.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:37.979868+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55011034.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:39.095570+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55012634.149.202.126443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:39.931648+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55014134.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:41.706114+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55018234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:43.533406+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55022634.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:44.337343+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55023034.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:44.474840+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55023134.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:45.848903+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55026934.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:47.617318+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55034534.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:47.666179+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55035234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:49.780606+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55041634.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:52.373679+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55047734.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:54.429532+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55052734.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:15:57.433584+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55059234.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:16:06.105400+01002028371ET JA3 Hash - Possible Malware - Fake Firefox Font Update3192.168.2.55069734.117.223.223443TCP
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24T12:16:07.064540+01002803270ETPRO MALWARE Common Downloader Header Pattern UHCa2192.168.2.55069834.117.223.223443TCP

                                                                                                                                                                                                                                                                                                                                                                                Network Port Distribution

                                                                                                                                                                                                                                                                                                                                                                                TCP Packets

                                                                                                                                                                                                                                                                                                                                                                                TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:01.297415018 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:01.297513962 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:01.469268084 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:10.906827927 CET49675443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:10.906847954 CET49674443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:11.078593016 CET49673443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:13.527156115 CET4434970623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:13.527364016 CET49706443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.193278074 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.193300009 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.193392038 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.194936037 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.194951057 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.493406057 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.493542910 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.526175976 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.526191950 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.527077913 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.578574896 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.852720976 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.852843046 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:20.852848053 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.083589077 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.083631039 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.083719969 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.084212065 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.084229946 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.324116945 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.324362040 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.324424028 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.327076912 CET49708443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.327088118 CET4434970834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.979054928 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.979096889 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.979161978 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.980896950 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:21.980916023 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.532783985 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.532823086 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.532895088 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.533220053 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.533237934 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.811346054 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.811453104 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.813254118 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.813282967 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.813505888 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.821693897 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.863373041 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.291981936 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.292000055 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.292012930 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.292098045 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.292130947 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.292174101 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.464802027 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.464822054 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.464901924 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.464965105 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.465029955 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.548491955 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.548506975 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.548578978 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.548604012 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.548670053 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.639497995 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.639512062 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.639576912 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.639626026 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.639679909 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678638935 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678654909 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678721905 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678740025 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678771019 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.678792000 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699173927 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699191093 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699250937 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699274063 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699306011 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.699350119 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.719933033 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.719949961 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.720000029 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.720050097 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.720065117 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.720124006 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.791285992 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.791351080 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.793032885 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.793041945 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.793380976 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.800280094 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.800354958 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.801913023 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.801933050 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.802444935 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.803934097 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.823954105 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.823967934 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.824031115 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.824050903 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.824099064 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841361046 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841377020 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841442108 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841456890 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841511011 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.841511011 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.844189882 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.847363949 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.856513977 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.856530905 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.856595993 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.856610060 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.856667995 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.869268894 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.869283915 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.869355917 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.869370937 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.869492054 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.884097099 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.884119987 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.884186029 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.884202003 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.884257078 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.897784948 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.897802114 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.897876978 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.897897959 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.897953033 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904135942 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904192924 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904202938 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904263020 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904263020 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.904263020 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.953845978 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.953934908 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.954005003 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957159996 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957201004 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957261086 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957643032 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957705021 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.957765102 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.959640026 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.959667921 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.959722042 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960024118 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960032940 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960155010 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960191965 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960305929 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960319996 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960393906 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.960433006 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.961527109 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.961555004 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.961630106 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.961818933 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:23.961844921 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.203615904 CET49709443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.203664064 CET4434970913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.266365051 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.266434908 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.266494036 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.267254114 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.267285109 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.267326117 CET49712443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:24.267340899 CET4434971234.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.309042931 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.351368904 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.678801060 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.679382086 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.679441929 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.679879904 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.679893017 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.705401897 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.705971956 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.706033945 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.706384897 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.706399918 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.747844934 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.748173952 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.748204947 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.748634100 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.748639107 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.806812048 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.808803082 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.808865070 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.808871031 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.809389114 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.809401989 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.809873104 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.809881926 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.810504913 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.810509920 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.904895067 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.904954910 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.904977083 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905015945 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905062914 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905076027 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905076027 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905101061 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905113935 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.905201912 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.923932076 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.924009085 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.924024105 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.924170971 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:25.924566984 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.128674030 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.128695965 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.128750086 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.128767967 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.128814936 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129127979 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129132986 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129158974 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129267931 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129293919 CET4434971413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.129343987 CET49714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.132356882 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.132467985 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.132548094 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.132704973 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.132728100 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.144104004 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.144157887 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.144228935 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.144279957 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.145353079 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.145431995 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.148641109 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.148674011 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.148698092 CET49718443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.148710012 CET4434971813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.154084921 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.154120922 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.154272079 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.158624887 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.158637047 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.195631027 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.195652962 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.195730925 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.195754051 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196014881 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196095943 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196104050 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196116924 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196279049 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196310043 CET4434971513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.196357965 CET49715443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.198843956 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.198879957 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.198940039 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.199229002 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.199266911 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.259869099 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.259917021 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.260009050 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.261178970 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.261276960 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.263618946 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.277453899 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.277503967 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.277542114 CET49716443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.277558088 CET4434971613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.279047966 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.279067039 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.279081106 CET49717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.279086113 CET4434971713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281604052 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281656027 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281727076 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281728983 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281755924 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281817913 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281904936 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.281925917 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.282011032 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:26.282021999 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.328850031 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.328877926 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.328905106 CET49710443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.328910112 CET443497104.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.872422934 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.876456976 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.876477003 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.890140057 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.890151024 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.941479921 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.978926897 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:27.984841108 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.012485027 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.031738997 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.045586109 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.045608044 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.046196938 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.046211958 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.047009945 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.047019958 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.063261032 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.064455032 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.064470053 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.085103989 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.085117102 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.085535049 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.085541010 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.127670050 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.144094944 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.144117117 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.144541979 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.144547939 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306411028 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306448936 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306524992 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306842089 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306858063 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306866884 CET49722443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.306874037 CET4434972213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.310247898 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.310272932 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.310364962 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.310497999 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.310509920 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.385510921 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.385689020 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.386046886 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.386131048 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.386131048 CET49721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.386185884 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.386208057 CET4434972113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.388595104 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.388606071 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.388730049 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.388921022 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.388931036 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.422511101 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.422591925 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.422849894 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.423866034 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.423887968 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.423918009 CET49723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.423930883 CET4434972313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.427546978 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.427577019 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.427648067 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.428128958 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.428144932 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.446340084 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.446520090 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.446646929 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.446790934 CET49724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.446799994 CET4434972413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.450007915 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.450016975 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.450160980 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.450278044 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.450289965 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580563068 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580625057 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580676079 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580955029 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580962896 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580971956 CET49725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.580976963 CET4434972513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.582752943 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.582768917 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.582870960 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.583295107 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:28.583308935 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.153383017 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.154001951 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.154012918 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.155706882 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.155711889 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.225208044 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.236500978 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.236521959 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.237217903 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.237225056 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.238318920 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.239260912 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.239260912 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.239284039 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.239300966 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.240134001 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.240830898 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.240830898 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.240844965 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.240858078 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.362103939 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.362965107 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.362976074 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.363651037 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.363656044 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.606709957 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.606750965 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.606872082 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.608437061 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.608448982 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.608458996 CET49727443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.608463049 CET4434972713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.615360022 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.615482092 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.615551949 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.615710974 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.615744114 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.669282913 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.669364929 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.669436932 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.680593967 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.680870056 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.680946112 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.691241980 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.691257954 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.691274881 CET49729443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.691282988 CET4434972913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.692971945 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.693120956 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.693183899 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.713455915 CET49728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.713460922 CET4434972813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.736227989 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.736232996 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.736243010 CET49730443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.736247063 CET4434973013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.805985928 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.806130886 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.806202888 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.879446983 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.879455090 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.879476070 CET49731443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.879482031 CET4434973113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.906200886 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.906227112 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.906531096 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.908093929 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.908139944 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.908349037 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.916845083 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.916851997 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.916908026 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917244911 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917256117 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917363882 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917393923 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917742968 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.917753935 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.918908119 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.918941975 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.919029951 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.919239998 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:30.919251919 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.810910940 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.810940027 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.811039925 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.811882019 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.811891079 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.281088114 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.283397913 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.283467054 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.284209013 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.284224033 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.712686062 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.713253021 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.713270903 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.713901043 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.713907003 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719535112 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719616890 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719692945 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719824076 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719863892 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719888926 CET49732443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.719903946 CET4434973213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.723118067 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.723155022 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.723211050 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.723452091 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.723465919 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.787849903 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.788305044 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.788315058 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.788934946 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.788938999 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.917376995 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.917990923 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.918028116 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.918544054 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.918557882 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.967524052 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.968025923 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.968039036 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.968764067 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:32.968767881 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.140045881 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.140125990 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.156255960 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.156364918 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.156428099 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.162785053 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.162813902 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.162825108 CET49735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.162831068 CET4434973513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.163907051 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.163923025 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.164340973 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.164386988 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.165713072 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.169729948 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.169790030 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.169857025 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.170044899 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.170061111 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.211328030 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.240963936 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241041899 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241108894 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241391897 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241420984 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241432905 CET49736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.241439104 CET4434973613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.245688915 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.245738983 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.245953083 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.246128082 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.246143103 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.361303091 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.361381054 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.361433983 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.364337921 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.364337921 CET49734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.364373922 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.364394903 CET4434973413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.420739889 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.420901060 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.420985937 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.449593067 CET49733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.449608088 CET4434973313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.513025999 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.513113976 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.513187885 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.514537096 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.514568090 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.514691114 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.514708042 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.514724970 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.515043020 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.515055895 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.600639105 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.600718975 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.600732088 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.600804090 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.600853920 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.630383968 CET49737443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.630400896 CET4434973734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.684911013 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.684943914 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.685206890 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.685581923 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:33.685595989 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.442677021 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.443264008 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.443298101 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.443744898 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.443767071 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878065109 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878110886 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878360033 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878360033 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878436089 CET49738443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.878454924 CET4434973813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.881314993 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.881402969 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.881504059 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.881705999 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.881741047 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.897495031 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.897636890 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.898792982 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.898802996 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.899034977 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.900358915 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.900358915 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.900427103 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.954880953 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.955410004 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.955450058 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.955916882 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.955929041 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.961484909 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.962133884 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.962133884 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.962167025 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:34.962179899 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.235833883 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.236270905 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.236332893 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.236726046 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.236740112 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.348756075 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.348831892 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.348965883 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.349081039 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.349100113 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.349131107 CET49743443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.349138021 CET4434974334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.360913038 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.363126993 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.363157034 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.363567114 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.363579988 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395469904 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395539045 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395725012 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395754099 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395754099 CET49740443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395770073 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.395780087 CET4434974013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.396819115 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.396981001 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.397393942 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.397774935 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.397818089 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.397907972 CET49739443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.397922993 CET4434973913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.399497986 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.399530888 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.399730921 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.399730921 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.399755001 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.401470900 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.401505947 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.401623964 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.401849985 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.401891947 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.423892975 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.423923016 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.423981905 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.424956083 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.424968004 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670144081 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670279980 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670510054 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670564890 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670564890 CET49741443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670602083 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.670625925 CET4434974113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.674319983 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.674365044 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.674477100 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.674706936 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.674736023 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816098928 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816164970 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816226006 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816550016 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816565990 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816582918 CET49742443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.816587925 CET4434974213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.820383072 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.820410967 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.820494890 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.820866108 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:35.820878983 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.662792921 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.664658070 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.664722919 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.665150881 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.665169954 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.684653044 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.684727907 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.685973883 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.685983896 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.686217070 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.687355042 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.687459946 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:36.687464952 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.106806040 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.106853962 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.106996059 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.107157946 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.107182026 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.107198954 CET49744443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.107206106 CET4434974413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.110707045 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.110793114 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.110872984 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.111042023 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.111078978 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.125185013 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.125700951 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.125721931 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.126154900 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.126161098 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.144737959 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.144845009 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.144942045 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.145052910 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.145065069 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.145075083 CET49747443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.145083904 CET4434974734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.199608088 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.200053930 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.200109005 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.200582981 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.200596094 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.539366007 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.539930105 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.539988995 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.540412903 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.540426016 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.543124914 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.543482065 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.543514013 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.543940067 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.543945074 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.580432892 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.580894947 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.580977917 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.580977917 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.581021070 CET49745443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.581037045 CET4434974513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.583941936 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.583966970 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.584038973 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.584172964 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.584184885 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.643727064 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.643781900 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.644012928 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.644119978 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.644119978 CET49746443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.644182920 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.644211054 CET4434974613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.646157026 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.646190882 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.646328926 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.646522999 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.646538019 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978311062 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978382111 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978476048 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978646994 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978663921 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978677988 CET49749443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.978682995 CET4434974913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.981575012 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.981609106 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.981826067 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.981971025 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.981985092 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991110086 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991271019 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991352081 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991421938 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991422892 CET49748443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991463900 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.991492033 CET4434974813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.993381023 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.993407011 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.993496895 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.993675947 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.993690014 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:38.895263910 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:38.903281927 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:38.903332949 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:38.909249067 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:38.909269094 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.394131899 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.394741058 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.394763947 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.395219088 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.395224094 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.440886021 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.446310997 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.446340084 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.446779013 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.446784973 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.779254913 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.779809952 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.779844046 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.780270100 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.780276060 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.829328060 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.829824924 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.829849005 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.830316067 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.830321074 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838136911 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838304043 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838366032 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838414907 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838434935 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838444948 CET49751443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.838449955 CET4434975113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.841059923 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.841100931 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.841206074 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.841335058 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.841352940 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850110054 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850168943 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850230932 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850316048 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850364923 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850394964 CET49750443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.850410938 CET4434975013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.852195024 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.852252007 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.852335930 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.852477074 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.852508068 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884411097 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884465933 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884515047 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884620905 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884635925 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884648085 CET49752443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.884653091 CET4434975213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.886511087 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.886528015 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.886591911 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.886717081 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.886729956 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234385967 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234473944 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234534025 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234778881 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234803915 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234842062 CET49755443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.234849930 CET4434975513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.238044024 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.238131046 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.238281012 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.238449097 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.238471985 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.286922932 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287014008 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287079096 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287272930 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287290096 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287301064 CET49754443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.287306070 CET4434975413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.289521933 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.289558887 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.289628029 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.289758921 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.289771080 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.644699097 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.645240068 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.645263910 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.645756006 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.645764112 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.649930000 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.650274992 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.650321960 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.650687933 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.650707006 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.688863993 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.689193010 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.689203978 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.689555883 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:41.689560890 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.039021015 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.039659977 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.039694071 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.040059090 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.040071964 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.084579945 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.084918976 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.084928989 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.085297108 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.085300922 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.086653948 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087146997 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087202072 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087234974 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087253094 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087263107 CET49756443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.087269068 CET4434975613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.090065002 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.090168953 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.090256929 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.090382099 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.090416908 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094221115 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094274044 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094336987 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094734907 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094793081 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094841957 CET49757443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.094857931 CET4434975713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.096860886 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.096884966 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.096955061 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.097086906 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.097095966 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.132998943 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.133064032 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.133212090 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.136737108 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.136740923 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.136750937 CET49758443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.136754036 CET4434975813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.139805079 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.139878035 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.139945984 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.154303074 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.154335976 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.337857008 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.337898970 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.337985039 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.338253021 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.338295937 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.494709015 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.494894028 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.494961977 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.495063066 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.495114088 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.495146036 CET49759443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.495160103 CET4434975913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.497987986 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.498032093 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.498107910 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.498248100 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.498276949 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.531864882 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.531924963 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.531972885 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.558631897 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.558660984 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.558674097 CET49761443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.558680058 CET4434976113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.561645031 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.561707020 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.561794996 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.561929941 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:42.561943054 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.550333977 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.550443888 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.650278091 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.650305033 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.650540113 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.650547981 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.888045073 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.888741016 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.888796091 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.889236927 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.889254093 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.948558092 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.949085951 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.949151039 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.949547052 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.949562073 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.956001997 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.957101107 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.957120895 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.962825060 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:43.962831020 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015260935 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015350103 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015413046 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015511990 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015511990 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.015511990 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.016926050 CET49765443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.016974926 CET4434976534.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.237520933 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.241533041 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.241600990 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.242218018 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.242228985 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.329827070 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.329999924 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.330075026 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.330189943 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.330254078 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.330285072 CET49762443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.330301046 CET4434976213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.333641052 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.333681107 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.333754063 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.333986998 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.334007025 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.358840942 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.359297991 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.359330893 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.360584021 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.360589027 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392240047 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392343044 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392398119 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392508030 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392529964 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392544985 CET49764443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.392553091 CET4434976413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.395406961 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.395447016 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.395513058 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.395678043 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.395695925 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409518957 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409580946 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409619093 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409746885 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409770012 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409785986 CET49763443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.409794092 CET4434976313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.412156105 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.412192106 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.412255049 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.412379026 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.412391901 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.672400951 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.672476053 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.672533035 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.675578117 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.675609112 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.675628901 CET49766443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.675636053 CET4434976613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.685007095 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.685048103 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.685113907 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.688460112 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.688478947 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.803801060 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.803877115 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.803927898 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.804059982 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.804075956 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.804086924 CET49767443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.804091930 CET4434976713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.806374073 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.806410074 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.806482077 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.806611061 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:44.806624889 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.138127089 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.168768883 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.168801069 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.177218914 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.178869009 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.178877115 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.222265005 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.289526939 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.289545059 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.290340900 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.290345907 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.535171986 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.536026001 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.536050081 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.536804914 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.536811113 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.584393978 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.584574938 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.584625006 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.584978104 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.584990978 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.585006952 CET49768443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.585012913 CET4434976813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.589943886 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.590024948 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.590104103 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.590311050 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.590339899 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.621736050 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.621800900 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.621856928 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.621990919 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.622008085 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.622016907 CET49769443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.622021914 CET4434976913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.626334906 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.626364946 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.626415968 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.626822948 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.626833916 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.636653900 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.637118101 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.637130976 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.638691902 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.638698101 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.650499105 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.651426077 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.651437998 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.652713060 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.652718067 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.991235971 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.991311073 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.991363049 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.992101908 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.992110014 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.992120028 CET49771443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.992124081 CET4434977113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.998924971 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.999011993 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:46.999126911 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.001573086 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.001619101 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.072559118 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.072624922 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.072710037 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.077195883 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.077210903 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.077222109 CET49770443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.077225924 CET4434977013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.086184978 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.086200953 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.086261034 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.086565971 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.086577892 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103198051 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103274107 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103326082 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103604078 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103604078 CET49772443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103612900 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.103621006 CET4434977213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.108710051 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.108726978 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.108788013 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.109044075 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:47.109055996 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.385236979 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.386639118 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.386639118 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.386676073 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.386703014 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.414412022 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.427875996 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.427875996 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.427910089 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.427922010 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.694921970 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.717526913 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.717564106 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.718247890 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.718252897 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.837518930 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.837716103 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.837795019 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.866985083 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.867100000 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.867182016 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.867269993 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.879307985 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.879376888 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.879415989 CET49773443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.879435062 CET4434977313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.922466993 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:48.976939917 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.031745911 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.138637066 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.138729095 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.138808012 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.223176956 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.223220110 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.224299908 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.224313974 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.224653959 CET49776443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.224688053 CET4434977613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.228111982 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.228183031 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229135990 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229150057 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229350090 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229373932 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229391098 CET49774443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.229398012 CET4434977413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.419485092 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.419553041 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.419665098 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.421178102 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.421253920 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.421304941 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.421431065 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.421446085 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.423996925 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.424089909 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.424180031 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.424835920 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.424865961 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.425126076 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.425153017 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.562472105 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.562541962 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.562699080 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.563102007 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.563205957 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.563307047 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.563684940 CET49775443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.563726902 CET4434977513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.564589024 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.564589024 CET49777443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.564616919 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.564627886 CET4434977713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.570185900 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.570257902 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.570338011 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.570605993 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.570625067 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.572021961 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.572114944 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.572201014 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.572577953 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:49.572612047 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.018748045 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.018811941 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.019104004 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.019634008 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.019660950 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.215835094 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.216453075 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.222229004 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.266149998 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.266153097 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.266237974 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.276036978 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.276051044 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.279484034 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.279489040 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.289931059 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.289957047 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.290532112 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.290544033 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.291099072 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.291112900 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.291687012 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.291696072 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.357609034 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.357834101 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.358987093 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.359010935 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.363306046 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.363311052 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.365117073 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.365166903 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.365912914 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.365921974 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.488112926 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.488178015 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.488365889 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.489671946 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.489687920 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.659989119 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.660063028 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.660495043 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.661016941 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.661117077 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.661190033 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.666584015 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.666661978 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.666932106 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.710549116 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.710582018 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.710602999 CET49780443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.710609913 CET4434978013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.711852074 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.711852074 CET49778443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.711875916 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.711885929 CET4434977813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.713260889 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.713289976 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.713315010 CET49779443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.713320017 CET4434977913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.802042007 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.802118063 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.802922964 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.803021908 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.803052902 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.805758953 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.017528057 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.017669916 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.024096966 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.028403044 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.028403044 CET49781443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.028449059 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.028460026 CET4434978113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.046472073 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.046472073 CET49782443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.046505928 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.046519995 CET4434978213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.082720995 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.082765102 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.082925081 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.083648920 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.083683014 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.084043980 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.116373062 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.116373062 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.116415977 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.116451025 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.118608952 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.118629932 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.136492014 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.136531115 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.136687040 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.139461994 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.139483929 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.289860964 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.290002108 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.292125940 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.292139053 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.292438984 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.298235893 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.298506975 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.298512936 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.304927111 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.304955006 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.305535078 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.318803072 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.318824053 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.683398962 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.683450937 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.683517933 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.685966015 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.685977936 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.759902000 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.759975910 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.760037899 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.760237932 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.760289907 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.760324001 CET49783443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.760339022 CET4434978334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.762862921 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.762907982 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.762981892 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.763284922 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.763295889 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.821623087 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.821697950 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.823472023 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.823481083 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.823731899 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.875457048 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.878941059 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.919332981 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361277103 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361366034 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361418962 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361862898 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361886978 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361900091 CET49784443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.361905098 CET4434978434.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.485156059 CET4970380192.168.2.5104.18.21.226
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.485239029 CET4970480192.168.2.5151.101.2.133
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.485244989 CET4970780192.168.2.5104.18.21.226
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.485270023 CET4970580192.168.2.5151.101.130.133
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.605401039 CET8049703104.18.21.226192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.605573893 CET4970380192.168.2.5104.18.21.226
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606115103 CET8049704151.101.2.133192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606162071 CET8049707104.18.21.226192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606187105 CET4970480192.168.2.5151.101.2.133
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606203079 CET8049705151.101.130.133192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606261015 CET4970780192.168.2.5104.18.21.226
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.606374025 CET4970580192.168.2.5151.101.130.133
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.918584108 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.919284105 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.919361115 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.919866085 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.919909000 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.919925928 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.920556068 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.920556068 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.920578003 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.920597076 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.951159000 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.952533960 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.952558041 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.953496933 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.953502893 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.956491947 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.956588030 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.962343931 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.962354898 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.962651968 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.987426043 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.004905939 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.004971981 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.005507946 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.005525112 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.017497063 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.048949003 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.048949003 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.049114943 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.070216894 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.070461035 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.071810007 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.071829081 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.072072983 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.074748993 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.074865103 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.074894905 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.113276958 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.113797903 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.113852024 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.114782095 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.114799023 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364341974 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364386082 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364449024 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364614010 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364638090 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364732027 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364872932 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364872932 CET49785443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364938021 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.364965916 CET4434978513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.365020037 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.365020037 CET49786443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.365036964 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.365046978 CET4434978613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.368726015 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.368777990 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.368901968 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.369505882 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.369538069 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.370290041 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.370328903 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.370471001 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.370618105 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.370630980 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399539948 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399627924 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399789095 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399955034 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399955034 CET49788443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399971008 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.399985075 CET4434978813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.402554989 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.402635098 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.405580997 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.406326056 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.406374931 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.418325901 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.418396950 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.421658993 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.439443111 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.439443111 CET49790443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.439490080 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.439519882 CET4434979034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.444228888 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.444298029 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.444427967 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.444930077 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.444961071 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.445817947 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.445880890 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.446099997 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.446100950 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.446533918 CET49787443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.446564913 CET4434978713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.448905945 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.448944092 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.449033022 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.449259043 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.449280977 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.542344093 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.542418957 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.542484999 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.543253899 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.543272018 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.543287039 CET49792443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.543292999 CET4434979234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.560250998 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.560321093 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.560421944 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.761518955 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.761518955 CET49789443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.761598110 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.761615992 CET4434978913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.916388988 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.916448116 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.916510105 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.919223070 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:54.919253111 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.489658117 CET49706443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.492543936 CET49706443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.493242025 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.493352890 CET4434980123.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.493441105 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.495963097 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.495999098 CET4434980123.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.609446049 CET4434970623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.612044096 CET4434970623.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.758735895 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.758800983 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.760488987 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.760510921 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.760741949 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.762362957 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.762535095 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.762551069 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.901268959 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.901324034 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.901400089 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.903017998 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.903032064 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.164297104 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.164844990 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.164881945 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.165216923 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.165222883 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.179886103 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.180660963 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.180680037 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.181124926 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.181132078 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.191411972 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.191802979 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.191864014 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.192202091 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.192215919 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.228255987 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.228698015 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.228714943 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.229298115 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.229309082 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.230211973 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.230331898 CET4434979834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.230423927 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.613884926 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.613972902 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.614191055 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.614341021 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.614341021 CET49795443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.614392996 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.614419937 CET4434979513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.617801905 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.617850065 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.617954016 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.618140936 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.618155956 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628066063 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628221989 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628326893 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628326893 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628360987 CET49796443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.628376007 CET4434979613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.630768061 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.630808115 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.630911112 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.631032944 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.631045103 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.639513016 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.639683962 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.639770985 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.639770985 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.640366077 CET49797443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.640389919 CET4434979713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.642462015 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.642487049 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.642633915 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.642771006 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.642780066 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678227901 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678312063 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678482056 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678766966 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678766966 CET49799443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678793907 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.678807020 CET4434979913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.681477070 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.681499004 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.681780100 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.681855917 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.681866884 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.715272903 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.716602087 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.716634035 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.717340946 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.717345953 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.737839937 CET49798443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.897278070 CET4434980123.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:56.897459030 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.160906076 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.160981894 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.161794901 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.170789957 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.170789957 CET49800443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.170808077 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.170816898 CET4434980013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.175259113 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.175311089 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.175865889 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.175865889 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.175906897 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.724657059 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.727533102 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.746967077 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.746988058 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.747318029 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.797346115 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.893064022 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.893064022 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:57.893199921 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.363214970 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.379183054 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.379208088 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.379406929 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.379412889 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.416306019 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.424788952 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.424868107 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.425204039 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.447427988 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.447427988 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.447462082 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.447484016 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.450155020 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.450180054 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.450221062 CET49803443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.450227022 CET4434980335.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.475186110 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.518996000 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.537493944 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.537503958 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.538053989 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.538058996 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.548036098 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.548475981 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.548491955 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.548939943 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.548948050 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.802643061 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.802722931 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.802783012 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.865844011 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.865955114 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.866039038 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.918412924 CET49805443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.918451071 CET4434980513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.920399904 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.920428991 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.920444012 CET49804443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.920452118 CET4434980413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.921750069 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.921921015 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.921993017 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.957762957 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.957777023 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.957793951 CET49806443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.957799911 CET4434980613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.966063023 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.000998020 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.001065969 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.001120090 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.016093969 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.029155016 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.029165983 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.030432940 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.030436993 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.041855097 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.041876078 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.041887999 CET49807443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.041894913 CET4434980713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.138206005 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.138250113 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.138597965 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.139070988 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.139086008 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.237225056 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.237276077 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.237341881 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.239798069 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.239855051 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.239928007 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.262518883 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.262566090 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.262705088 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.377394915 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.377430916 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.378436089 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.378479958 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.388204098 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.388231039 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.436635971 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.436717987 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.436772108 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.441457033 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.441499949 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.441590071 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.539659023 CET49808443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.539699078 CET4434980813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.546806097 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.546854973 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.668344021 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.668406010 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.668489933 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.766001940 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:59.766031981 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.404500008 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.404603958 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.404679060 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.405801058 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.405832052 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.634080887 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.634197950 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.636025906 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.636039019 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.636884928 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.638107061 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.638605118 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.638690948 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.107675076 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.107682943 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108242035 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108246088 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108272076 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108282089 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108788013 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108792067 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108795881 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.108803034 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.122322083 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.122769117 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.122800112 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.123198032 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.123203993 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.179972887 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180164099 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180241108 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180474043 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180495024 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180507898 CET49810443192.168.2.535.190.209.22
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.180514097 CET4434981035.190.209.22192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.276051998 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.276098967 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.276192904 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.277280092 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.277295113 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.403537989 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.407531023 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.407567024 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.408102989 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.408109903 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.542711020 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.542785883 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.544111013 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.545526028 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.545547962 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.545566082 CET49812443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.545572996 CET4434981213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.548141003 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.548170090 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.548240900 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.548274040 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.548386097 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.552730083 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.552730083 CET49811443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.552745104 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.552753925 CET4434981113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.555973053 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.555974007 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.555990934 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556004047 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556099892 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556101084 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556267023 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556267023 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556277037 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556279898 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556577921 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556750059 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556828976 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.556828976 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.558769941 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.558773994 CET49813443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.558789968 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.558790922 CET4434981313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.559009075 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.559009075 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.559035063 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.563251972 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.563776016 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.563795090 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.564075947 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.564080000 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.631021023 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.631150007 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.643287897 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.643325090 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.643584967 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.702595949 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.747327089 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.861238003 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.861263990 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.861469030 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.861517906 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.863456011 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.863676071 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.870801926 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.870824099 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.870853901 CET49814443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.870867968 CET4434981413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.874816895 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.874866962 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.874937057 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.875417948 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:01.875433922 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.008479118 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.008506060 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.008589029 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.008608103 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.008665085 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.017041922 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.017091036 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.017133951 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.019156933 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.019180059 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.019190073 CET49815443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.019196033 CET4434981513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.029505014 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.029551983 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.033730984 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.033730984 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.033776999 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.165232897 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.165313005 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.165834904 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.165836096 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.166253090 CET49816443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.166268110 CET4434981634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.543371916 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.543478966 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.556071043 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.556092024 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.557081938 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.712346077 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.337954998 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.350759983 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.356343031 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.356385946 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.356836081 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.356842041 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.358078957 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.358109951 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.358495951 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.358504057 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.407577991 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.408797979 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.408821106 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.409416914 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.409421921 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.683907032 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.684102058 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.684209108 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.729311943 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.729995012 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.730022907 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.730577946 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.730583906 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.786209106 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.786231995 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.786283970 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.786308050 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.787448883 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.787507057 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.792639971 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.793157101 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.793170929 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.793209076 CET49826443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.793212891 CET4434982613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.795867920 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.795926094 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.798531055 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.798553944 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.798567057 CET49828443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.798573971 CET4434982813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.810817957 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.810905933 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.811023951 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.811916113 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.811954021 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.812156916 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.812164068 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.812201977 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.812431097 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.812444925 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.887998104 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.890829086 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.890888929 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.903505087 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.903505087 CET49827443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.903521061 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.903534889 CET4434982713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.908124924 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.914704084 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.914745092 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.914818048 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.915668011 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.915690899 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.916121006 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.916129112 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.919341087 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.919354916 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.955729008 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.955763102 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.955821991 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.956065893 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.956079960 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.000801086 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.000833988 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.001126051 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.001660109 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.001672029 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.145029068 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.145250082 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.145596981 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.186336994 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.186336994 CET49825443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.186353922 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.186364889 CET4434982534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.188899994 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.191981077 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.192070007 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.207638979 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.207660913 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.207672119 CET49829443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.207678080 CET4434982913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.234105110 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.234133959 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.234303951 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.234632015 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.234646082 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.243257999 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.243350029 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.243434906 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.243966103 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.243999004 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.359193087 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.362251043 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.362301111 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.363254070 CET49830443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.363274097 CET4434983013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.372667074 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.372703075 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.372776031 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.392829895 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:04.392844915 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.527558088 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.550048113 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.550153017 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.640930891 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.661613941 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.715992928 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.715996027 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716006994 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716006994 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716020107 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716033936 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716046095 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716051102 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716088057 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716116905 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716705084 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716727018 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.716944933 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.717087030 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.717093945 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.718128920 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.726492882 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.726541042 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.741013050 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.741096973 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.755899906 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.835218906 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.842262983 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.842288017 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.842647076 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.850409031 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.850421906 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.854662895 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.854696989 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.854747057 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.884114027 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.884391069 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.889646053 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.931337118 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.941207886 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:05.941229105 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.025728941 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.028683901 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.028776884 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.029287100 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.029304981 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.035053968 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.038522959 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.040038109 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.040390968 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.040390968 CET49834443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.040431976 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.040461063 CET4434983413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.043299913 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.043412924 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.043514967 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.043783903 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.043823004 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.078917980 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.081999063 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.083555937 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.083720922 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.083720922 CET49837443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.083740950 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.083750963 CET4434983713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.085840940 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.085864067 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.085956097 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.086095095 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.086105108 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.114155054 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.114420891 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.116417885 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.116441011 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.116952896 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.116959095 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.117588997 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.119683027 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.119683027 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.119683027 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.121857882 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.121902943 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.123641014 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.123758078 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.123785019 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.142848015 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.189035892 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.189243078 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.189306974 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.400501966 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.400612116 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.400713921 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.402303934 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.402340889 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.469090939 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.472265959 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473027945 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473053932 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473062038 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473071098 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473100901 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473154068 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473326921 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473356962 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.473403931 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.492868900 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.492868900 CET49841443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.492943048 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.492974997 CET4434984113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.502053976 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.502115965 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.502207041 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.504297972 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.504316092 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511013985 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511056900 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511096954 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511109114 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511120081 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511136055 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511153936 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511213064 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511226892 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511235952 CET49839443192.168.2.54.245.163.56
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.511240959 CET443498394.245.163.56192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.512185097 CET49835443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.512198925 CET4434983513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.522171974 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.522211075 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.522228003 CET49840443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.522233963 CET4434984034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.530316114 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.530420065 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.530498028 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.535022020 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.535058975 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.548300028 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551146030 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551242113 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551702023 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551702023 CET49842443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551718950 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.551728964 CET4434984213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.570260048 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.570298910 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.570353985 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.592463017 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:06.592483997 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303345919 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303375959 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303478956 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303538084 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303575993 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303620100 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303790092 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.303802967 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.304003000 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.304017067 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.451656103 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.451699018 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.451754093 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.452071905 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.452085972 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.630368948 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.633527040 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.633610010 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.634025097 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.634042025 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.705060959 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.705146074 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.719950914 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.719997883 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.720268011 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.747344971 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.747448921 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.779407978 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.779443979 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.779743910 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.787350893 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.787445068 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.787467003 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.791349888 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.791812897 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.791850090 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.840584993 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.875088930 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.875145912 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.875899076 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.875914097 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.930476904 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.938672066 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.938709021 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.939151049 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.939157963 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.075035095 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.077703953 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.079374075 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.175812960 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.175899029 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.176016092 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.198648930 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.198720932 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.198822975 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.274545908 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.274545908 CET49845443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.274605989 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.274636984 CET4434984513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.274867058 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.278012991 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.278088093 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.286113977 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.294886112 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.294943094 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.294974089 CET49849443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.294991016 CET4434984934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.305874109 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.305895090 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.305938005 CET49851443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.305948973 CET4434985134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.309393883 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.309405088 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.309417009 CET49847443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.309422970 CET4434984713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.310365915 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.310389042 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.311029911 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.311034918 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.332679033 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.332735062 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.332808971 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.333163023 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.333194971 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.339433908 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.339477062 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.339561939 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.339785099 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.339797974 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345181942 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345247984 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345314980 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345381975 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345422983 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.345475912 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.347575903 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.347626925 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.347656012 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.347668886 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.378278971 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.382873058 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.382904053 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.383317947 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.383322954 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.384301901 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.387993097 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388050079 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388103962 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388145924 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388159037 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388175964 CET49846443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.388180971 CET4434984613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.390352964 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.390368938 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.390429020 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.390543938 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.390552998 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.538151026 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.541183949 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.541207075 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.542854071 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.542924881 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.543878078 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.543961048 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.544035912 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.561330080 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.564071894 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.564095020 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.565603971 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.565725088 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.566143036 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.566221952 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.566312075 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.591327906 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.607336998 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.612863064 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.612878084 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.631052017 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.631069899 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.715852976 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.719695091 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.719711065 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.721246004 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.721314907 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.729732037 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.732912064 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.732965946 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.732973099 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.733017921 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.740016937 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.740175009 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.740895987 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.751466036 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.751494884 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.751516104 CET49850443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.751523972 CET4434985013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.779027939 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.779125929 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.779234886 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.779484034 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.779535055 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.816880941 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.817140102 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.817150116 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.823972940 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827122927 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827208042 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827759027 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827779055 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827790976 CET49852443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.827795982 CET4434985213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.835572958 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.835604906 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.835736990 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.836165905 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:08.836179972 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.003942013 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004074097 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004168034 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004221916 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004245043 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004290104 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004297972 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004407883 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004930019 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.004936934 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016417980 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016478062 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016535997 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016556025 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016577959 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016629934 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016675949 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016810894 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016827106 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.016850948 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.017313004 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.017404079 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.017455101 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.017465115 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.017510891 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.018490076 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.024671078 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.024724960 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.024740934 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.025671005 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.033035040 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.033538103 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.033555984 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.123589993 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.123833895 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.123848915 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.201760054 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.205580950 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.205630064 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.209352016 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.209454060 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.209476948 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.217283964 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.217536926 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.217560053 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.221445084 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.221554995 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.221571922 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.223789930 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.224057913 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.224071980 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.225171089 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.225228071 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.225250959 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.231693029 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.231753111 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.231767893 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.239393950 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.239453077 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.239469051 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.239499092 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.239541054 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.241231918 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.241343975 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.241344929 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.241379976 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.241424084 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.242157936 CET49857443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.242192030 CET44349857104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.248470068 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.256397009 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.256483078 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.256494999 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.264307976 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.264350891 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.264389992 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.264401913 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.264448881 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.272254944 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280057907 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280158997 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280175924 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280193090 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280301094 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280908108 CET49856443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.280926943 CET44349856104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.389444113 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.389517069 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.389628887 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.389904022 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.389951944 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.390098095 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.390113115 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.390428066 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.390428066 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.390465975 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.548248053 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.548315048 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.550060034 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.550066948 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.550381899 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.554667950 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.554832935 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.554852962 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.601319075 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.601618052 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.605216980 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.605226994 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.605453968 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.723967075 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.976676941 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.980715036 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.980745077 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.981245041 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.981251955 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.998032093 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.998166084 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.998214006 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999382019 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999459028 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999524117 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999840021 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999855042 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999900103 CET49862443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.999907970 CET4434986234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.012134075 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.012178898 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.012368917 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.012875080 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.012890100 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.069242001 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.069535971 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.079246044 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.079278946 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.079751968 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.079758883 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.080243111 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.080275059 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.081446886 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.081453085 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.428390980 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.432270050 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.432306051 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.432328939 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.432377100 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.453340054 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.453362942 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.453377008 CET49867443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.453382015 CET4434986713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.465425968 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.465498924 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.465583086 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.489511967 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.489511967 CET49863443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.489526987 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.489535093 CET4434986334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.505120039 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.506238937 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.508346081 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.508374929 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.508562088 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509243965 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509273052 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509319067 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509516001 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509833097 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.509855032 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.510024071 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.510040045 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.510047913 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.510057926 CET49864443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.510065079 CET4434986413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512073040 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512096882 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512167931 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512180090 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512294054 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512294054 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512315989 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512670994 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512685061 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512696028 CET49865443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.512701035 CET4434986513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.519026041 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.519040108 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.526453972 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.526465893 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.526523113 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.527791023 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.527801991 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.566018105 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.570034981 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.570049047 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.570394039 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.570399046 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.604022980 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.605899096 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.605906963 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.606995106 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.607074022 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.607353926 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.607394934 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.607491970 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.631123066 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.650826931 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.651324034 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.715136051 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.715250969 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.718399048 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.718415022 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.720073938 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.720091105 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.720181942 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.819325924 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.821644068 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.921550035 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.921571970 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.922204018 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.922214031 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.930434942 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.930600882 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.934535980 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.934554100 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.969204903 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.969249964 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.969330072 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.969872952 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.969886065 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.978877068 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.978908062 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.979526043 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.980226040 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.980245113 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.014442921 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.017533064 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.017589092 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.019402981 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.046492100 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.046499968 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.046515942 CET49868443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.046520948 CET4434986813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.052890062 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053039074 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053123951 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053131104 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053211927 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053288937 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053338051 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053344965 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.053380013 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.055771112 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.064332008 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.065556049 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.065562010 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.067985058 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.068002939 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.068068027 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.072129011 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.072141886 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.072763920 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.073538065 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.073546886 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.129313946 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.172169924 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.240282059 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.240288973 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.246465921 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.248056889 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.248117924 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.248125076 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.249656916 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.250792980 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.250828981 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.250843048 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.250852108 CET49869443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.250857115 CET4434986913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.254062891 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.254204035 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.254322052 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.254338026 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.254383087 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.261650085 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.261796951 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.261851072 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.273410082 CET49870443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.273421049 CET44349870104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275288105 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275353909 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275393009 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275429964 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275466919 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275507927 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275566101 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275566101 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275566101 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.275583029 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.276257992 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.276398897 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.283751965 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.285598040 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.285609007 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.291990995 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.292633057 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.292648077 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.294619083 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.294635057 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.294934988 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.294981003 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.295013905 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.295198917 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.295356035 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.295367956 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.424007893 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.424019098 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.424048901 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.478635073 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.478735924 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.478916883 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.478931904 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.482103109 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.486474037 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.494479895 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.497601986 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.497610092 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.502095938 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.502290010 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.502295017 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.509948969 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.510092020 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.510102987 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.517734051 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.517834902 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.517846107 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.522787094 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.522872925 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.522912025 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.533310890 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.533427954 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.533432007 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.533442020 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.533505917 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.540923119 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.548829079 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.548888922 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.548897982 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.548903942 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.548999071 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.556538105 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.556705952 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.556899071 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.557014942 CET49871443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.557028055 CET44349871104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.774353027 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.774499893 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.778279066 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.778290987 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.778484106 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.779472113 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.779587984 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.779603004 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.983957052 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984251976 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984306097 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984493971 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984515905 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984527111 CET49872443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.984532118 CET4434987234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.986119032 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.986146927 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.986213923 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.987749100 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.987761021 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.228698969 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.229176998 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.229192019 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.230452061 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.231090069 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.231262922 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.234463930 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.234989882 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.235012054 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.235558033 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.235563993 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.235912085 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.236119986 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.236181974 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.236531019 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237166882 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237191916 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237543106 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237593889 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237644911 CET49876443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.237659931 CET4434987634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.238204002 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.238270998 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.239047050 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.239106894 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.239306927 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.239320993 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.242270947 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.242394924 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.242485046 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.242753029 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.242786884 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.245867968 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.246187925 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.246267080 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.246582985 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.246598959 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.326105118 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.363667011 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.364856958 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.364898920 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.365272999 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.365283966 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.435014963 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.671118975 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.674273968 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.674369097 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.674381971 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.674400091 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.674674034 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.681015968 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.683543921 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.683543921 CET49878443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.683562040 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.683569908 CET4434987813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.684156895 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.684211016 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.693768978 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.693768978 CET49879443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.693810940 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.693840981 CET4434987913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.697422028 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.697452068 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.697506905 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.699398994 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.699434996 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.699491024 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.700881958 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.700891972 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.704940081 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.704948902 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.709850073 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.709980965 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710021019 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710028887 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710130930 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710170031 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710175991 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710273027 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710309982 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710319042 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710462093 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.710504055 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.716809988 CET49883443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.716814995 CET44349883104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.755753994 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.755764961 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.755810022 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.756088972 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.756097078 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.816977024 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.819981098 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.820036888 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.837296963 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.837296963 CET49877443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.837321043 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.837342978 CET4434987713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.863666058 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.863708973 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.863756895 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.864080906 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.864095926 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.942742109 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.017960072 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.031701088 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.042606115 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.042618990 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.043437004 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.043443918 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.049631119 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.049650908 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.049709082 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.049967051 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.049976110 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.053766966 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.053786993 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.054457903 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.054465055 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.299559116 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.299940109 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.441256046 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.441282988 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.441374063 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.441385031 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.441457987 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.451153040 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.454298019 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.454479933 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.558473110 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.558684111 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.940438986 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.940490961 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.941493988 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.946336031 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.946630955 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.946690083 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.947009087 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.947052002 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.947078943 CET49884443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.947094917 CET4434988413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.948801994 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.948801994 CET49892443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.948826075 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.948836088 CET4434989213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.952131033 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.952178001 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.952512026 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.953161001 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.953306913 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.953330040 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:13.973499060 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.019891977 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.096507072 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.096513987 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.097816944 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.133658886 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.140414000 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.140672922 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.141072989 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.141099930 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.142178059 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.142265081 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.143454075 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.144499063 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.144579887 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.144810915 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.144843102 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.191329956 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.198133945 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.264374971 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.264398098 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.264467001 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.416312933 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.417356968 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.417432070 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.423959970 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.424026012 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.424088955 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.476607084 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.476650000 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.476752996 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478286028 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478348970 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478393078 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478421926 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478427887 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478466034 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478470087 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478528023 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478586912 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478590965 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478637934 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.478682995 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.484278917 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.484772921 CET49899443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.484783888 CET44349899104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.488543034 CET49894443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.488559008 CET4434989434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.489243984 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.489258051 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494360924 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494379997 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494420052 CET49895443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494426012 CET4434989534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494648933 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.494663954 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.495933056 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.495945930 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.496428013 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.496432066 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.510983944 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.511023045 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.511116028 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.514990091 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.515002966 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.556093931 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.556886911 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.556919098 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.557429075 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.557434082 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.599972010 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.600147963 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.600229025 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.603359938 CET49900443192.168.2.5172.64.155.119
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.603406906 CET44349900172.64.155.119192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.610280037 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.610321045 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.610389948 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.610610962 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.610625029 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.833672047 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.869818926 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.869854927 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.870589018 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.870599031 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.928457975 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.931570053 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.931621075 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.984862089 CET49897443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.984882116 CET4434989713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.008982897 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.011987925 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.012058973 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.053251982 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.053293943 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.053311110 CET49898443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.053323030 CET4434989813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.072247028 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.072293997 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.072369099 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.079365969 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.079457998 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.079528093 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.084088087 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.084105968 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.114833117 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.114878893 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.282198906 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.285373926 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.285448074 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.285448074 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.285521030 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.287152052 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.287215948 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.287246943 CET49901443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.287262917 CET4434990113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.289772034 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.289836884 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.289927959 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.290070057 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.290088892 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.378763914 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.378853083 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.378930092 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.379129887 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.379168987 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.420397043 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.420578957 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.420643091 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.472170115 CET49838443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.472198009 CET44349838142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.772703886 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.772877932 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.774219990 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.774229050 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.774490118 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.775729895 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.775846958 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.775870085 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.086036921 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.146147013 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.146172047 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.150598049 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.150629997 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.150660038 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.233078003 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.233140945 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.233350992 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.277017117 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.282957077 CET4434980123.1.237.91192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.283073902 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.288523912 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.323849916 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.324081898 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.324265003 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.324301958 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.330938101 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.330960989 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.330972910 CET49909443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.330980062 CET4434990934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.331615925 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.331641912 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332221031 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332226038 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332463980 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332480907 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332849026 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.332854033 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.340709925 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.340738058 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.340869904 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.341181040 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.341192007 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.366751909 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.411712885 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.411818981 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.412451029 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.412899017 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.412913084 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.643918037 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.644324064 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.644360065 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.645360947 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.645426989 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.646193981 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.646267891 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.646389008 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.646408081 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.719433069 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723258972 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723339081 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723390102 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723390102 CET49906443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723413944 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.723422050 CET4434990613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.727037907 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.727083921 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.728027105 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.728281975 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.728298903 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.732706070 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735764027 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735831022 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735878944 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735903978 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735918045 CET49908443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.735925913 CET4434990813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738782883 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738864899 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738874912 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738898993 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738903999 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.738962889 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.739104986 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.739115953 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.739870071 CET49910443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.739877939 CET4434991054.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.837141991 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.837174892 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.837259054 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.837516069 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.837528944 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.845299959 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.876007080 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.878477097 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.878494024 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.879704952 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.879709005 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905786991 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905808926 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905890942 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.906049013 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.906063080 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.969990969 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.974087000 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.974114895 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.975019932 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.975027084 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.080813885 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.086843967 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.086863995 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.087388992 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.087394953 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.109608889 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.109687090 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.109843969 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.110703945 CET49917443192.168.2.5104.18.32.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.110726118 CET44349917104.18.32.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.327460051 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.327548981 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.327642918 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.341671944 CET49911443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.341691017 CET4434991113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.370266914 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.370316982 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.370378971 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.371743917 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.371766090 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.422463894 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.425668001 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.425723076 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.425740957 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.429608107 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.430017948 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.430068016 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.430097103 CET49912443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.430113077 CET4434991213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.444489002 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.444587946 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.444674015 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.444849968 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.444899082 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.534796953 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.538290024 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.538368940 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.540783882 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.540807009 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.540821075 CET49914443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.540827990 CET4434991413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.547849894 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.547885895 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.548126936 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.548793077 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.548805952 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.553889036 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.553956985 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.576075077 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.576107979 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.576344967 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.577454090 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.578001022 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.578025103 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.591475010 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.591530085 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.591643095 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.591844082 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.591856003 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.672449112 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.672533989 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.675510883 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.675517082 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.675791979 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.677674055 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.678229094 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.678232908 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.005399942 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.005496025 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.005547047 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.007185936 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.007208109 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.007221937 CET49918443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.007230043 CET4434991834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.013444901 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.013470888 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.013571978 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.013858080 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.013869047 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.132863045 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.132960081 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.133008957 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.133649111 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.133657932 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.133670092 CET49919443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.133673906 CET4434991934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.136563063 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.136599064 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.136820078 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.137130022 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.137146950 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.256488085 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.257092953 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.257118940 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.258065939 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.258182049 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.260943890 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.261003017 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.261584044 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.261593103 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.330574036 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.330847025 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.330858946 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.332336903 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.332480907 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.336165905 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.336247921 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.337291956 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.337301016 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.440165043 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.457073927 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.464030981 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.469193935 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.469203949 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.469877005 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.469881058 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.537420988 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.575356960 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.575382948 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.575835943 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.575840950 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.789936066 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.790015936 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.790158033 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.856152058 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.856237888 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.856316090 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.890188932 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.893207073 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.893285990 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.950190067 CET49924443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.950208902 CET4434992466.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.950962067 CET49928443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.950968981 CET4434992863.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.964560032 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.965084076 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.965101957 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.966568947 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.966629982 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.968105078 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.968182087 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.968295097 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.968301058 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.979671955 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.979816914 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:18.979907990 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.005800009 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.005815029 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.005825043 CET49921443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.005831003 CET4434992113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.026249886 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.026249886 CET49922443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.026267052 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.026276112 CET4434992213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.057034969 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.057066917 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.057152987 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.065154076 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.065167904 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.132308006 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.132335901 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.132400990 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.137943983 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.137957096 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.156968117 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.160116911 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.160151958 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.160564899 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.160577059 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.170301914 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.172718048 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.215322971 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.226201057 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.227082014 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.227102041 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.227555990 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.227561951 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.236478090 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.236655951 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.244914055 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.244920969 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.245167017 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.246568918 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.247056961 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.247061968 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.397902966 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.397979021 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.398148060 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.403808117 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.403820038 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.404189110 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.404351950 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.404369116 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.405128956 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.405143976 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.405149937 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.405412912 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.405417919 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.409269094 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.409344912 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.409482956 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.409679890 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.409715891 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494009018 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494039059 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494048119 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494086027 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494098902 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494127035 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494143009 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494168043 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494538069 CET49934443192.168.2.534.253.40.242
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.494550943 CET4434993434.253.40.242192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.509780884 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.509951115 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.510044098 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.510051012 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.510164022 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.510215044 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.510221004 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.517827988 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.517975092 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.518028975 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.518034935 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.518559933 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.526300907 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.534255981 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.534306049 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.534311056 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.600121975 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.603468895 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.603518963 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.603590965 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.604047060 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.604047060 CET49931443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.604080915 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.604104996 CET4434993113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.607000113 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.607028008 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.607170105 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.607377052 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.607394934 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.669269085 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.672350883 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.672434092 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.679768085 CET49932443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.679792881 CET4434993213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.683621883 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.683640957 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.683747053 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.684798002 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.684808969 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.684854984 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685028076 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685080051 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685451031 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685456991 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685467958 CET49935443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.685471058 CET4434993534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.687175989 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.687205076 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.687264919 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.689593077 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.689625978 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.710583925 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.710643053 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.710653067 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.714425087 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.714472055 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.714477062 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.722335100 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.722449064 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.722455025 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.729876995 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.729924917 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.729931116 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.737687111 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.738487005 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.738492966 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.753173113 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.753292084 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.753354073 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.753362894 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.753551960 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.761009932 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.768770933 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.768901110 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.768971920 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.768989086 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.769555092 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.776537895 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.784332991 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.784421921 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.784427881 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.792176008 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.792296886 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.792303085 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.800008059 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.800072908 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.800079107 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.850512981 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854450941 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854522943 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854574919 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854593039 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854604006 CET49933443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.854608059 CET4434993313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858210087 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858314037 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858374119 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858566046 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858623028 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.858736038 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.859653950 CET49936443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.859666109 CET4434993634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.859870911 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.859882116 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.908013105 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.908021927 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.913294077 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.913346052 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.913352013 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.919236898 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.919317007 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.919322968 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.923940897 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.924418926 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.924424887 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.928930044 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.929001093 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.929006100 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.929042101 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.938147068 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.938165903 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.938200951 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.947072983 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.947092056 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.947129965 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.947135925 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.947170019 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.955975056 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.956022024 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.956048965 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.956089020 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.964835882 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.964854002 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.964893103 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.973768950 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.973829985 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.973835945 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.973891020 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.978337049 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.978396893 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.987226009 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.987287045 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.996146917 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.996201038 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.000655890 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.000731945 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.009514093 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.009577036 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.018482924 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.018547058 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.033904076 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.033958912 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.115128040 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.115186930 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.122011900 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.122067928 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.125360966 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.125427008 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.125466108 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.131865978 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.131931067 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.135050058 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.135104895 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.141318083 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.141381979 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.147183895 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.147258997 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.153070927 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.153134108 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.156117916 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.156177998 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.162014008 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.162067890 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.165431976 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.165487051 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.168720007 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.168780088 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.170480013 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.170533895 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.173774004 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.173841953 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.176290035 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.176353931 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.179698944 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.179755926 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.181746006 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.181807041 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.184863091 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.184920073 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.188179016 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.188237906 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.192044020 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.192147017 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.193315983 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.193386078 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.196626902 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.196713924 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.198458910 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.198518991 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.233819008 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.233880997 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.236299038 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.236362934 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.239641905 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.239696980 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319535971 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319555998 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319602013 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319607973 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319645882 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319658995 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.319688082 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.328370094 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.328432083 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.328447104 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.328521013 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338556051 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338613033 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338622093 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338648081 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338676929 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.338691950 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.346941948 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.346968889 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.347117901 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348592997 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348606110 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348804951 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348864079 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348875046 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348886013 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348922014 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.348934889 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357503891 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357563019 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357574940 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357584000 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357628107 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.357645035 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.364981890 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.365042925 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.365077972 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.365082979 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.365127087 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375430107 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375484943 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375494957 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375535965 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375566959 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.375682116 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.378242016 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.378298044 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.378302097 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.378333092 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.378354073 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.448332071 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520792007 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520868063 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520870924 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520903111 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520926952 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.520944118 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.521013975 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525166988 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525219917 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525233030 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525239944 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525265932 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.525527000 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.526483059 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.589214087 CET49882443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.589230061 CET44349882104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.629543066 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.629587889 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.629652023 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.630060911 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.630072117 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.780008078 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.780832052 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.780860901 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.781886101 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.782027960 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.782324076 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.782386065 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.782476902 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.823348999 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.863656998 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.863679886 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.922264099 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.930051088 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.930316925 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.930366039 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.931044102 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.931055069 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.938138962 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.938138962 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.938155890 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.938163996 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:20.971337080 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.007235050 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.009557962 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.033557892 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.033580065 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.034513950 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.036351919 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.037220955 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.037231922 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.317059040 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.317122936 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.321557999 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.389189005 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.393102884 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.393223047 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.393559933 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.461966038 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.478372097 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.478535891 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.482992887 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.547231913 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.621946096 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.622050047 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.647315979 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.671334982 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.671406984 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.721064091 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.791256905 CET49947443192.168.2.566.235.152.221
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.791335106 CET4434994766.235.152.221192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.798652887 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.798700094 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.798760891 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.798787117 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.799623013 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.799638987 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800014973 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800033092 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800077915 CET49940443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800085068 CET4434994013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800920963 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.800932884 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.801490068 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.801490068 CET49951443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.801539898 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.801572084 CET4434995134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.802598953 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.802618027 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.803334951 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.803342104 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.803829908 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.803844929 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.804124117 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.804981947 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.805160046 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.805186033 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.862921953 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.862962961 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.863043070 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.906790972 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.920871973 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.920902014 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.921200991 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.926774979 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.926845074 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.927347898 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.938914061 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.938934088 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.964256048 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.964423895 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.964489937 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.971337080 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.997927904 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.997947931 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.997981071 CET49941443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:21.997997046 CET4434994113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.077795029 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.077840090 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.077908993 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.080643892 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.080674887 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.133322954 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.136358023 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.136430025 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.140512943 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.143615007 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.143662930 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.143663883 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.143699884 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.161936045 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.161969900 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.161998987 CET49949443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.162015915 CET4434994913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.172374964 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.172386885 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.172399044 CET49950443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.172403097 CET4434995013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.173397064 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.176796913 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.176861048 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255528927 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255594015 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255656004 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255754948 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255788088 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.255831003 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.256402969 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.256442070 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.256530046 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.256540060 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.258606911 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.258629084 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.258641958 CET49952443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.258649111 CET4434995213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.267527103 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.267591953 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.267662048 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.286413908 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.286436081 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.286555052 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.295517921 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.295531988 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.297513962 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.297527075 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.297595024 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.302753925 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.302763939 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.304225922 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.304235935 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.304297924 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.304547071 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.304558039 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.367997885 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368060112 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368098021 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368107080 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368139982 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368185043 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.368192911 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.376409054 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.376468897 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.376480103 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.384728909 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.384771109 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.384782076 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.393232107 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.393265963 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.393275023 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.445162058 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.445183039 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.445194960 CET49953443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.445199966 CET4434995334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.471467972 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.487996101 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.570602894 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.570672035 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.570724964 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.575858116 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.575911999 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.575928926 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.583755970 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.583806992 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.583837032 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.591607094 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.591680050 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.591695070 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.599436998 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.599560976 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.599575996 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.607287884 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.607397079 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.607410908 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.622843027 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.622903109 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.622919083 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.630620003 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.630675077 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.630688906 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.638458967 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.638505936 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.638520002 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.646292925 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.646431923 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.646446943 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.654262066 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.654354095 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.654367924 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.661990881 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.662046909 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.662060976 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.772989035 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.773031950 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.773102045 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.773152113 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.773200989 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.775257111 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.781637907 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.781689882 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.781708002 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.786374092 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.786444902 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.786461115 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.786509991 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.795141935 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.795149088 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.795212984 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.799459934 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.799510002 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.803917885 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.803924084 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.803991079 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.812418938 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.812426090 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.812484980 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.820894003 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.820902109 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.820954084 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.829447031 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.829452991 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.829508066 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.833888054 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.833894968 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.833973885 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.842448950 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.842513084 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.850924015 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.850980997 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.855336905 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.855392933 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.863811970 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.863883018 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.872406006 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.872466087 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.892558098 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.892625093 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.958879948 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.958967924 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.959026098 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.960653067 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.960690975 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.975110054 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.975176096 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.979911089 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.979965925 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.986112118 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.986177921 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.989427090 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.989475012 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.995398045 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.995455980 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.001401901 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.001465082 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.004277945 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.004327059 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.009906054 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.009963036 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.015657902 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.015708923 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.018627882 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.018709898 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.021982908 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.022038937 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.025209904 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.025262117 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.027180910 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.027241945 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.030220032 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.030272007 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.033557892 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.033603907 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.036050081 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.036114931 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.039417028 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.039463043 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.041249037 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.041310072 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.044673920 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.044718981 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.047754049 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.047801971 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.049552917 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.049607038 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.052781105 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.052839041 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.056097031 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.056157112 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.095001936 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.095052958 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.097523928 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.097573996 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.100740910 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.100790024 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180480003 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180489063 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180520058 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180545092 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180567026 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.180587053 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.181929111 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.181987047 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.181996107 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.182025909 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.182091951 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.192095995 CET49954443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.192123890 CET44349954104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.228979111 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229022026 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229091883 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229358912 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229382992 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229562998 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229835987 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229847908 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.229981899 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230004072 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230555058 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230608940 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230664015 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230912924 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.230932951 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.331979990 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.332015991 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.332927942 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.333125114 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.333132982 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.356718063 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.356745005 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.356812000 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.357017994 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.357028961 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.384717941 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.384731054 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.384793997 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.384954929 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.384958029 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.482990980 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.507339954 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.507363081 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.507786989 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.507797003 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.656600952 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.656848907 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.656869888 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.657248020 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.657314062 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.657918930 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.657972097 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.659049988 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.659121990 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.659228086 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.666078091 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.666373014 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.666390896 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.667927980 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.668010950 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.675570965 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.683991909 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.684175014 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.684226036 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.684237003 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.703330040 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.753598928 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.766370058 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.766443014 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.766973019 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.766988993 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.769597054 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.769604921 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.977274895 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027692080 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027755022 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027861118 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027909040 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.028008938 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.050770998 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.050806046 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.050884008 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.051151991 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.051168919 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.062016964 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.062016964 CET49956443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.062035084 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.062042952 CET4434995613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.077682018 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.077708006 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.077769995 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.088591099 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.088608027 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.100930929 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.101636887 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.101654053 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.102042913 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.102047920 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.151350975 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.165821075 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.225985050 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.226088047 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.232886076 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.235904932 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.237585068 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.273916960 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283149958 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283327103 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283377886 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283411980 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283432961 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283474922 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.283509970 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.294452906 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.294585943 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.294650078 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.294668913 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.295660019 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.304529905 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.349184990 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.349548101 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.349565029 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.403254986 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.405615091 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.405636072 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.439932108 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.440043926 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.440078974 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.440084934 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.440099955 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.441556931 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.448138952 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.448682070 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.456862926 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.457019091 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.457070112 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.457078934 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.457120895 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.464894056 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.475397110 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.476855993 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.476883888 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.479100943 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.481112003 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.481128931 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.486588001 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.486660004 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.486675024 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.492655039 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.492666006 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.493412971 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.493417025 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.493990898 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494008064 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494021893 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494082928 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494103909 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494530916 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.494535923 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.496217012 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.496268988 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.496562004 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.497046947 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.497087955 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.497116089 CET49957443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.497132063 CET4434995713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.498141050 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.499778986 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.499800920 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.499931097 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.499938011 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.500238895 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.503237963 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.503289938 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.507771969 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.507791042 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.507847071 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.508032084 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.508043051 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.508383989 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.508479118 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.508939028 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.509012938 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.509027958 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.509977102 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.510076046 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.510624886 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.510679960 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.510687113 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.510869980 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.511073112 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.511080027 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.514837027 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.514883995 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.514892101 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.516371965 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.516436100 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.516450882 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.523896933 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.523941994 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.523956060 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.523972988 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.524055958 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.531493902 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.538954973 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.539043903 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.539058924 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.543005943 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.544816971 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.544946909 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.544971943 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.544995070 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.545012951 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.545021057 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.545027971 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.545066118 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.548732996 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.548739910 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.549020052 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.549628973 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.549679995 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.550714016 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.550954103 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.551018000 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.551033974 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.555352926 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.561503887 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.561558962 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.561573029 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.562170982 CET49963443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.562179089 CET4434996313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.562818050 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.562863111 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.562877893 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.568736076 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.568857908 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.569102049 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.569116116 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.595328093 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.618199110 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.618230104 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.618293047 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.640923977 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.640974998 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.640985012 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.641026020 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.641086102 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.650538921 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.650592089 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.668729067 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.668807030 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.668826103 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.673089027 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.673261881 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.673275948 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.677356005 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.677443981 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.677504063 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.713324070 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.730998993 CET49960443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.731008053 CET4434996087.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.732302904 CET49959443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.732331038 CET44349959146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.826184988 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.826224089 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.826296091 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.826697111 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.827358007 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.827370882 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.828594923 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.828783035 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.829087973 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.829780102 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.829832077 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.829832077 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.829878092 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.853867054 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.853873968 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.853883028 CET49961443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.853887081 CET4434996113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.856012106 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.856033087 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.856044054 CET49962443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.856050014 CET4434996213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.869895935 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.869982958 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.870065928 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.873857021 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.873892069 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.875535011 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.875597000 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.875679016 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.876171112 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.876204014 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896049023 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896092892 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896125078 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896151066 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896167994 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896204948 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896230936 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896250010 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896291018 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.896305084 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.904403925 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.904449940 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.904464960 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.904495001 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.904542923 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.911900043 CET49967443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.911925077 CET44349967104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916127920 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916140079 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916184902 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916198969 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916237116 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916376114 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916734934 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.916762114 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.918914080 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.918926001 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953521013 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953641891 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953727007 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953737020 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953768015 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953818083 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.953860998 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.954029083 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.955117941 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.955132008 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.964675903 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.964746952 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.964756012 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.973000050 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.973066092 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.973074913 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.009783030 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.009835005 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.009944916 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.010884047 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.010927916 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011034966 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011060953 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011068106 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011092901 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011104107 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011109114 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011173964 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011178017 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.011207104 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.014216900 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.022126913 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.022180080 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.022186995 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.030576944 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.030627012 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.030632973 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.034257889 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.034497976 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.034509897 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.035938978 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.035999060 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.036923885 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.037002087 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.037300110 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.037306070 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.053426981 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.074167967 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.082421064 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.082655907 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.082672119 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.083673000 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.083755016 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.084295034 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.084353924 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.084427118 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.095587015 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.095611095 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.095679998 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.096136093 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.096147060 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.131336927 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.150274992 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.150474072 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.150484085 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.151551008 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.151608944 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.152465105 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.152532101 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.152605057 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.154450893 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.154500961 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.154510975 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.160005093 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.160083055 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.160089970 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.168242931 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.168323040 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.168330908 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.176455975 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.176516056 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.176523924 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.184609890 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.184675932 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.184684038 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.192812920 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.192871094 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.192878008 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.199345112 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.209053040 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.209112883 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.209141970 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.212286949 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.212312937 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.217196941 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.217253923 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.217276096 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.221112013 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.221575975 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.221582890 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.224967003 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.225119114 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.225123882 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.225410938 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.225457907 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.225467920 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.232681036 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.232741117 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.232745886 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.233632088 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.234055042 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.234066010 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.239914894 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.240149021 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.241262913 CET49968443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.241269112 CET44349968104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.241898060 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.242011070 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.242018938 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.247339964 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.247680902 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.250072002 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.250158072 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.250166893 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.267327070 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.267332077 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.289638042 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.289649010 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.289715052 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.290402889 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.290412903 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.345554113 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.345566034 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.345577955 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.356812000 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.356867075 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.356878996 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.361629963 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.362011909 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.362020016 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.370379925 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.370414019 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.370450974 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.370460033 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.370488882 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.375377893 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.375442982 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.376162052 CET49969443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.376176119 CET44349969104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.376202106 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.445246935 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.481887102 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.481904030 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.482465029 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.482501030 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.482561111 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.483160973 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.483171940 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.483391047 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.484549046 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.484590054 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.484641075 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485305071 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485316992 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485465050 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485479116 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485584974 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.485600948 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.486011982 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.486018896 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.486068010 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.486277103 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.486287117 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.529187918 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.529421091 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.529443026 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.531050920 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.531116962 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.534267902 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.534353971 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.534672022 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.534682035 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.739371061 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.739455938 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.746223927 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.746253967 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.746299982 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.746309996 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.746366978 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.755502939 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.755513906 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.755559921 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.771058083 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.771068096 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.771133900 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.788682938 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.788691998 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.788737059 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.808212996 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.823729038 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.823782921 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.824227095 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.824240923 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.875371933 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.875426054 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.875842094 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.877007961 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.877023935 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.895221949 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.896404028 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.896459103 CET44349970142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.896514893 CET49970443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.906241894 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.906328917 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.906384945 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.941665888 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.941678047 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.941730022 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.950947046 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.950956106 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.951004982 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.964555025 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.964565039 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.964627028 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.964687109 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.979624987 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.979640961 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.979700089 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.987325907 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.987333059 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.987394094 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.002496004 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.002568007 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.013676882 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.013777971 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.019239902 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.019299984 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.022126913 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.022162914 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.022200108 CET49965443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.022216082 CET4434996534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054409981 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054415941 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054480076 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.055064917 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.055232048 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.055841923 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.057235003 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.057302952 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.057368040 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.057744026 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.057754040 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.058511019 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.058545113 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.058651924 CET49973443192.168.2.563.140.62.27
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.058677912 CET4434997363.140.62.27192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.070225954 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.070235968 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.070302963 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.070487976 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.070498943 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.125300884 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.125312090 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.125366926 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.126106024 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.126117945 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.129759073 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.129827023 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.135332108 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.135410070 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.139723063 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.139800072 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.148622990 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.148704052 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.156065941 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.156120062 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.163727999 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.163791895 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.167642117 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.167702913 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.175215006 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.175292969 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.182928085 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.183000088 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.186850071 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.186907053 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194072962 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194094896 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194168091 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194490910 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194503069 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194570065 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194664955 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.197762012 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.197798967 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.197937012 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.198024035 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.198054075 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.202167034 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.202254057 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.206041098 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.206125021 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.213769913 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.213913918 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.221287012 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.221342087 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.225244999 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.225311995 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.228009939 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.228074074 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.236958981 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.236968994 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.237190962 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.241725922 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243091106 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243128061 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243177891 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243206978 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243242025 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.243319988 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.245306015 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.245381117 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.247143984 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.247172117 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.247198105 CET49974443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.247210979 CET4434997413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.264451027 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.264484882 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.264589071 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.264770985 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.264780998 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.270004988 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.270057917 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.270216942 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.271326065 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.271357059 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.300457001 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.300996065 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.301009893 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.301420927 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.301424980 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.305986881 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.317852974 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.317892075 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.333664894 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.333760023 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.336751938 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.337361097 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.337388039 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.337693930 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.337908983 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.337965012 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.338701010 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.338767052 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.339449883 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.343713045 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.343770027 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.346353054 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.346412897 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.351763010 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.351821899 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.355643988 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.355885029 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.355896950 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.356221914 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.356781006 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.356841087 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.357289076 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.357876062 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.357927084 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.359587908 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.359700918 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.364684105 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.364732027 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.369735003 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.369786024 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.374891996 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.374957085 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.376931906 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.377170086 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.377194881 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.377624035 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.377677917 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.378679037 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.378732920 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.379951000 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.380021095 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.380235910 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.380244017 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.382613897 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.382689953 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.383352041 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.387783051 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.387870073 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.390495062 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.390556097 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.395555973 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.395644903 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.399337053 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.400679111 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.400743961 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.403378010 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.403424978 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.408431053 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.408487082 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.412400007 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.412473917 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.417428970 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.417479992 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.422398090 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.422658920 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.422710896 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.425246000 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.425293922 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.428121090 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.428132057 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.428488970 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.428558111 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429238081 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429335117 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429361105 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429481983 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429548025 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429721117 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.429728031 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.430380106 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.430433035 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435483932 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435507059 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435532093 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435540915 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435600042 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435621977 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.435844898 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.438194036 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.438254118 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.443238974 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.443296909 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.457403898 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.457467079 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.457477093 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.484983921 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.485006094 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.485527992 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.485536098 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.498882055 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.498898029 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.498945951 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.498955965 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.498992920 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.513714075 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.513776064 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.513781071 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.513827085 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.515330076 CET49971443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.515342951 CET44349971108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.515486956 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.515547037 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.518980026 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.519037008 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.521488905 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.521544933 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.526283979 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.526341915 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.530703068 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.530786991 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.533128977 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.533198118 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.535329103 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.535351992 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.535410881 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.535934925 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.536072969 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.536688089 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.536704063 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.537195921 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.537244081 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.541213036 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.541271925 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.543308973 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.543369055 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.547282934 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.547355890 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.550967932 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.551034927 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.552659035 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.552737951 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.554718971 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.554780006 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.556657076 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.556718111 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.560206890 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.560272932 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562045097 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562112093 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562118053 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562155008 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562443018 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562449932 CET4434997220.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.562479973 CET49972443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.569101095 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.569109917 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.569318056 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.569367886 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.569926977 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.596841097 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.596884012 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.597076893 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.601954937 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.601969957 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.615326881 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.678380966 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.686006069 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.686063051 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.686815977 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.686830997 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.701246977 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.701361895 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.701412916 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.702012062 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.702023029 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.702033997 CET49981443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.702038050 CET4434998134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.703552961 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.703562975 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.703635931 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.704025984 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.704036951 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.732501030 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.747603893 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.749571085 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.749645948 CET4434997787.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.749742985 CET49977443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.750657082 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.750724077 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.761848927 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.761962891 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.773407936 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.773449898 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.773982048 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.773988962 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.774373055 CET49975443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.774390936 CET4434997513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.781037092 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.781071901 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.781157017 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.781380892 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.781394005 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.794910908 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.795006037 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.797390938 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.797471046 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.802082062 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.802164078 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813332081 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813384056 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813424110 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813457012 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813493967 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813535929 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813540936 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813550949 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813565969 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.813608885 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.821705103 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.821849108 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.821856976 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.838713884 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.841676950 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.841685057 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.862623930 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.862725019 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.862833023 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.877962112 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.881197929 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.881268024 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.887857914 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.887965918 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.889576912 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.914367914 CET49982443192.168.2.554.229.91.192
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.914405107 CET4434998254.229.91.192192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.933630943 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.936242104 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.936254025 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.022815943 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.024322987 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.024503946 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.024514914 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.024584055 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.029026031 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.037123919 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.041773081 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.041779995 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.044872999 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.044950008 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.044955969 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.052757978 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.055603027 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.055608988 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.060440063 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.063698053 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.063707113 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.075997114 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.076102018 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.076240063 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.076246023 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.079737902 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.082499027 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.088949919 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.089066982 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.089179039 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.089185953 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.090243101 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.095469952 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097532034 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097585917 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097594976 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097632885 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097639084 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097646952 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.097683907 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.101969004 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.102153063 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.102160931 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.103533030 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.103609085 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.121201038 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.124380112 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.127639055 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.151943922 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.157381058 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.157404900 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.157444000 CET49976443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.157452106 CET4434997613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.170331001 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.170342922 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.170691967 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.174273968 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.179225922 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.179260015 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.184988022 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.185736895 CET49986443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.185744047 CET4434998634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.187163115 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.187163115 CET49980443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.187199116 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.187228918 CET4434998013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.188930035 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.188977957 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.189027071 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.198024035 CET49979443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.198045969 CET4434997913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.220139980 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.222572088 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.222646952 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.222662926 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.229017973 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.229104042 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.229125023 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.229134083 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.229182959 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.233732939 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.242849112 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.242943048 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.242949963 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.243026018 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.247544050 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.247550964 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.247612000 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.251887083 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.251976013 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.261063099 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.261123896 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.262550116 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.262599945 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.262670040 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263108969 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263174057 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263242960 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263792992 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263833046 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263834000 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.263870955 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.265641928 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.265729904 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.274713993 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.274806976 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.281070948 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.281104088 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.281163931 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.282851934 CET49983443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.282881021 CET44349983172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.283643007 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.283729076 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.292748928 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.292814970 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.297379971 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.297435999 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.297483921 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.306420088 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.306499004 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.310970068 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.311059952 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.316962004 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.316984892 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.317141056 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.317162037 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.317167997 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.320019960 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.320127964 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.328907013 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.328918934 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.329062939 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.329437017 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.329453945 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.329514980 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.329525948 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.345061064 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.371681929 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.376813889 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.394404888 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.423171043 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.423229933 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.429796934 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.429845095 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.437031984 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.437150002 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.440653086 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.440730095 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.447460890 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.447521925 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.453759909 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.453819036 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.457195997 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.457325935 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.463486910 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.463577986 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.470005035 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.470091105 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.473310947 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.473403931 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.477236986 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.477333069 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.477333069 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.479922056 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.480010033 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.486223936 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.486366034 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.492763042 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.492841959 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.496047020 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.496115923 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.500981092 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.501051903 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.507323980 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.507400036 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510540962 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510545969 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510704994 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510732889 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510854959 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.510859966 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.511137962 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.511142015 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.511311054 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.512079000 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.512094975 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.512131929 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.512681961 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.512758017 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.513781071 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.513822079 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.513863087 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.513886929 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.513955116 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.514168978 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.514183998 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.514484882 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.514514923 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.514578104 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.517159939 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.517229080 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.517705917 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.517735958 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.517770052 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.523580074 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.523633003 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.530149937 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.530213118 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.533337116 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.533406973 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.537677050 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.537873030 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.537911892 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.538125038 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.539582014 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.539609909 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.539694071 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.539710045 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.539956093 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.540009975 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.546294928 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.546359062 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.547854900 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.547866106 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.548140049 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.548198938 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.549922943 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.553144932 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.553158998 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.553198099 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.553208113 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.554126978 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.554148912 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.554186106 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.554208040 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.555691957 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.555866003 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.555919886 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.559326887 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.591339111 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.600184917 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.601315022 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.603179932 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.603199005 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.604144096 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.604197979 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.604676962 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.622606039 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.622658014 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.626262903 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.626332998 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.631167889 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.631263018 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.633727074 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.633789062 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.638442039 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.638484001 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.640171051 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.643357992 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.645246983 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.647329092 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.647342920 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649697065 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649755001 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649784088 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649807930 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649817944 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.649890900 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.664828062 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.664844990 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.664938927 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.664947987 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.665065050 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.674232006 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.674246073 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.674314022 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.674321890 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.677571058 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.681237936 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.681543112 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.682640076 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.682662010 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.682809114 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.682816029 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.685587883 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.689635038 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.689649105 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.689702034 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.689707994 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.689945936 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.690867901 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.697392941 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.697407007 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.697524071 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.697530031 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.698261023 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.705368042 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.705383062 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.705461979 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.705470085 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.705588102 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.714260101 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.720706940 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.720736027 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.721920013 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.721930027 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.721980095 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.722701073 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.722707987 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.723949909 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.724030018 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.724133015 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.724148035 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.725193024 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.725250006 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.763871908 CET49998443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.763891935 CET4434999834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.797528982 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.797625065 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.799082041 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.799093008 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.825555086 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.829624891 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.829643965 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.829755068 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.829768896 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.829874039 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.836664915 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.836680889 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.836808920 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.836817026 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.836858034 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841753006 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841809988 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841850996 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841850996 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841857910 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841880083 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.841942072 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.847860098 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851226091 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851291895 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851341009 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851344109 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851356030 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851408958 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.851416111 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.859705925 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.859783888 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.859792948 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.864125967 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.864202023 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.867815971 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.867872953 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.867878914 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.867913961 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.867964029 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.873270988 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.873286963 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.873609066 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.874299049 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.874650002 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.874675035 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.874952078 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.874994040 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875036955 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875045061 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875102043 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875133991 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875150919 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875158072 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.875200033 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877129078 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877199888 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877243042 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877259016 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877265930 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877310038 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.877314091 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.883445024 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884366989 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884490967 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884598017 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884601116 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884629011 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884680033 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884738922 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884916067 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884979963 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.884996891 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.885454893 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.885499001 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.885504961 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.891784906 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.891841888 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.891849041 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.892323971 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.892471075 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.892486095 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.893886089 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.893946886 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.893951893 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.900799036 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.900855064 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.900871038 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.900933027 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901005983 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901021004 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901026964 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901041031 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901062965 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901086092 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.901103973 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.902282000 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.902345896 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.902352095 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.949362040 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.949548960 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.949567080 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961241961 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961308002 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961316109 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961364031 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961388111 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961440086 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961477041 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961553097 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961566925 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.961605072 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964694977 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964756012 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964781046 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964796066 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964812040 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964838028 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964876890 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964931011 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.964984894 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.965034008 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969083071 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969130039 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969212055 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969404936 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969412088 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.969449043 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.972747087 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.972832918 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.972920895 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973050117 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973057032 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973099947 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973565102 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973565102 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973581076 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.973604918 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.977665901 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.977952003 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.977958918 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.978265047 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.980998993 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.981134892 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.981142044 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.981177092 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.984668970 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.984726906 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.988296986 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.988342047 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.992896080 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.992976904 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.993035078 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.993077993 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.994533062 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.994574070 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.994580984 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.996648073 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.996704102 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.996769905 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.996814013 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:27.996876001 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.009993076 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.010061979 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043507099 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043565989 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043581009 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043668985 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043673038 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043687105 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043715954 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.043742895 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.049707890 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.070031881 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080276012 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080374956 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080382109 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080678940 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080744028 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080790997 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.080843925 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084085941 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084093094 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084163904 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084168911 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084197998 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084211111 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.084456921 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.087785006 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.087850094 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.087857962 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.093218088 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.093277931 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.093285084 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.094899893 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.094952106 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.094958067 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.097320080 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101273060 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101320028 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101325035 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101392984 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101449013 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.101469994 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.102797985 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.102864981 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.102869987 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109294891 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109370947 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109376907 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109462976 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109514952 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109529018 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109716892 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.109801054 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.110496998 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.110547066 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.110552073 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.116204023 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.116214037 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.116663933 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.116676092 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.116729021 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.117270947 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.117324114 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.117335081 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.117371082 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.117559910 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.118545055 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.118590117 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.118596077 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.120528936 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.120598078 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.121648073 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.121654987 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.125269890 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.125375032 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.125380993 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.126374006 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.126425028 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.126430035 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.139538050 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.139585018 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.139590979 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.140851021 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.140902996 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.140908003 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.145762920 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.145811081 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.145817995 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.147846937 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.147902966 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.147908926 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.151904106 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.152056932 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.152062893 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.154799938 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.154839039 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.154844999 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.158101082 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.158149004 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.158155918 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.161782026 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.161844969 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.161850929 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.164746046 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.164830923 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.164835930 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.169033051 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.169079065 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.169085026 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.171051025 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.171092987 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.171102047 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.172512054 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.172573090 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.173922062 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.173924923 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.175683022 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.175759077 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.175769091 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.175930977 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176491976 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176570892 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176615000 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176620007 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176645994 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176668882 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176708937 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176714897 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176726103 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176745892 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.176791906 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.179651022 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.179694891 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184739113 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184837103 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184843063 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184880018 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184890032 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.184927940 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.186217070 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.186261892 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.186274052 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.186309099 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.187693119 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.187761068 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.187776089 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191257000 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191308975 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191392899 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191437006 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191965103 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.191975117 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.192250013 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194314957 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194370985 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194427013 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194441080 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194482088 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194681883 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.194715977 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.195683002 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.195699930 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.196090937 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.196142912 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.196158886 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.196382999 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.196397066 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.202500105 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.202555895 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.202563047 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.202578068 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.202622890 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.207246065 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.207351923 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.207366943 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.207384109 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.207472086 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.220979929 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.221044064 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.221110106 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.268682003 CET50009443192.168.2.563.140.62.17
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.268693924 CET4435000963.140.62.17192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.281826019 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.281930923 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.281939030 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.283242941 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.283292055 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.283297062 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.291990995 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.292038918 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.292045116 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.295960903 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.296541929 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.296587944 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.296592951 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.296642065 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.298021078 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.298095942 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.298140049 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.298147917 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.298460960 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.300184011 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.300858974 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.300973892 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.305578947 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.306107998 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.306155920 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.306163073 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.310617924 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.310676098 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.310682058 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.310724020 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.319228888 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.319236040 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.319291115 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.323324919 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.325567961 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.327907085 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.327914000 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.327956915 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.329986095 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.330089092 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.330152988 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.336340904 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.336348057 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.336395025 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.344882965 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.344890118 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.344945908 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.350873947 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.350895882 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.350907087 CET50013443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.350912094 CET4435001334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.353444099 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.353451967 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.353507996 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.357803106 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.357810020 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.357860088 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.366523027 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.366529942 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.366569996 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.374933004 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.374979973 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.379849911 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.379906893 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.379929066 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.383801937 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.383907080 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.383922100 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.391870975 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.391943932 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.391958952 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.400032043 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.400078058 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.400091887 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.404232025 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.404262066 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.404314995 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.404844046 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.404854059 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.416094065 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.416147947 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.416163921 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.424201965 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.424252033 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.424279928 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.424295902 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.424345970 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.432300091 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.440464020 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.440538883 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.440552950 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.446959019 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.447016001 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.447030067 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.453391075 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.453443050 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.453457117 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.460232973 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.460453033 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.460467100 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.464072943 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.472839117 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.472930908 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.472940922 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.472958088 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.473016024 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.479335070 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.481971979 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.482058048 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.508889914 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.508964062 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.511432886 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.511523008 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.518723965 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.518771887 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.522682905 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.525661945 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.525733948 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.526031971 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.526081085 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.526088953 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.526146889 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.532633066 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.532675028 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536284924 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536334038 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536614895 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536685944 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536885023 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.536895037 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.539875984 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.539905071 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.541057110 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.541070938 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.541141987 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.543382883 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.543453932 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.545814037 CET49984443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.545830965 CET44349984104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.546613932 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.546664953 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.546674013 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.550518036 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.550569057 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.550988913 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.551033974 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.551299095 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.551624060 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.551637888 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.551970005 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.552614927 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.552700043 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554158926 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554171085 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554428101 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554477930 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554953098 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554990053 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.554996967 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.558733940 CET50004443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.558756113 CET44350004104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.560501099 CET50003443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.560512066 CET44350003104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.560780048 CET50002443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.560794115 CET44350002104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.561491013 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.561546087 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.563302040 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.563340902 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.563348055 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.566144943 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.566538095 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.566567898 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.566921949 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.568274021 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.568417072 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.571798086 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.571875095 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.573568106 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.573635101 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.578955889 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.579019070 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.584007025 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.584079981 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.584142923 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.586087942 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.586147070 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.588924885 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.588972092 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.588979959 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.588994026 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.589049101 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.589066982 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.589090109 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.589205027 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.591331959 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.591387987 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.598428011 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.598474979 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.602205992 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.602257013 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.608026981 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.608083010 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.608089924 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.609114885 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.609163046 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.611331940 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.612210989 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.612273932 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.612281084 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.612793922 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.612840891 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.619903088 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.619971037 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.620574951 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.620623112 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.620629072 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.626912117 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.626960039 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.663928986 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.664022923 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.664073944 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.674077034 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.674079895 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.722242117 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.722310066 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.725882053 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.725935936 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.731272936 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.731336117 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.733962059 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.734014988 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.739093065 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.739161968 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.744164944 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.744230032 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.746754885 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.746814013 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.749269962 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.749368906 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.749418974 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.751558065 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.751610041 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.756342888 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.756402016 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768265009 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768274069 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768306017 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768342018 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768349886 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.768395901 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.770616055 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.770667076 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.770672083 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.770726919 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.770788908 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.783093929 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.783160925 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.783493042 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.783613920 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.786830902 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.827357054 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.872364044 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.872406960 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.872435093 CET50010443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.872451067 CET4435001013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.880088091 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.880101919 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.880860090 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.880866051 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.886091948 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.886104107 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.886501074 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.886552095 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.886907101 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.887546062 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.887557030 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.887574911 CET50014443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.887579918 CET4435001434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:28.931332111 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.046395063 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.102119923 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.102165937 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.102262020 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126684904 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126760960 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126779079 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126789093 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126825094 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126856089 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126857042 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.126914024 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.128032923 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.191767931 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.205713987 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.208731890 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.208800077 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.235316992 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.253123999 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.253217936 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.255336046 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.255414963 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.298568964 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.298696995 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.298871994 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328175068 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328227043 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328239918 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328248978 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328277111 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.328305006 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.349467993 CET50012443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.349487066 CET44350012108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.354825974 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.354892969 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.354993105 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.355460882 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.355492115 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652261019 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652281046 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652703047 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652708054 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652961016 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.652993917 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653367996 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653373003 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653506041 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653527021 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653537035 CET50015443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.653542995 CET4435001513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.655744076 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.655761003 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.663420916 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.663434982 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.663825035 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.663829088 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.673280954 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.673355103 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.676615000 CET50008443192.168.2.5146.75.120.157
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.676631927 CET44350008146.75.120.157192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.811575890 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.811644077 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.813410044 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.813416958 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.813657045 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.815191031 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.815416098 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.815422058 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.952960968 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.952990055 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.953875065 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.954773903 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.955435991 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.955478907 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.968106031 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.971225977 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.971298933 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.987529039 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.987952948 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.990122080 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.990175009 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.990185022 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.990237951 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.990309954 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.991080046 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.991127968 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084002972 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084049940 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084260941 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084711075 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084723949 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084964991 CET50018443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.084976912 CET4435001813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.086323977 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.086332083 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.086342096 CET50020443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.086348057 CET4435002013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.087208986 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.087220907 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.087232113 CET50019443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.087239981 CET4435001913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.272684097 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.272831917 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.272897005 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.273277044 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.273322105 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.273350954 CET50024443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.273366928 CET4435002434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.281903028 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.281986952 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.282095909 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.310307980 CET50005443192.168.2.587.248.114.12
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.310317993 CET4435000587.248.114.12192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.310806990 CET50001443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.310811043 CET44350001104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.318101883 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.318130016 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.318248987 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.319225073 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.319255114 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.319335938 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320069075 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320080996 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320175886 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320605993 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320616961 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.320784092 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321100950 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321139097 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321435928 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321448088 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321795940 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321815968 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321964025 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.321971893 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.322170019 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.322179079 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.425530910 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.425694942 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.425918102 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.634115934 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.634205103 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.088814974 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.088885069 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.088969946 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.089378119 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.089409113 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.143070936 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.143110991 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.143127918 CET50023443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.143135071 CET4435002334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.145143986 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.145164967 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.146091938 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.146980047 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.147079945 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.147149086 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.275132895 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.275146961 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.275204897 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.329246998 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.329279900 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.329335928 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.392740965 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.463752031 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.548414946 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.548455000 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.548525095 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.550188065 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.550220013 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.550873995 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.550889969 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.551798105 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.551808119 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.555931091 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.555939913 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.556380987 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.556385040 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.557137966 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.557147026 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.557202101 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.557740927 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.557753086 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.602510929 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.602544069 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.602636099 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.606432915 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.606443882 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.612355947 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.612685919 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.612694025 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.612711906 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.612976074 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.613032103 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.613656998 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.613838911 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.616271019 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.616328955 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.616456985 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.616462946 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.620306969 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.620659113 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.620665073 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.622085094 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.622179985 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.624012947 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.624089003 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.628997087 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.631783962 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.631792068 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.632762909 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.632836103 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.638823032 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.638880968 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.638962030 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.638967991 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.670830011 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.681068897 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.681091070 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.682555914 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.682653904 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.688977957 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.689172983 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.703586102 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.716490030 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.716527939 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.716895103 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.721824884 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.721896887 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.721946955 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.752985954 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.753002882 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.753070116 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.754023075 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.755749941 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.755759001 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.763369083 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.769850969 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.769855976 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.769860983 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.769865036 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.780653000 CET50026443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.780675888 CET4435002634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.878453016 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.881725073 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.882056952 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.914150953 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.914180040 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.914274931 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.914550066 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.914565086 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.915210009 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.915225029 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.937329054 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.937329054 CET50025443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.937349081 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.937376022 CET4435002513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.941304922 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.963124037 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.963385105 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.064003944 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.175208092 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.175282955 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.175342083 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.220114946 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.220221996 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.220290899 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.343965054 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.344059944 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.344156027 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.413930893 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.414000034 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.607659101 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.607696056 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.607809067 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.608303070 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.608320951 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.686151028 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.686172962 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.687046051 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.687052011 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.714884996 CET50032443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.714905024 CET44350032104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.715169907 CET50029443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.715176105 CET44350029172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.735022068 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.735054970 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.735959053 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.744014978 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.744280100 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.744286060 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.923451900 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.923527002 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.928199053 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.928205013 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.928430080 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.935431957 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.935602903 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:32.935626030 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.028960943 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.032188892 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.032241106 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.032257080 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.032305002 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.142807007 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.142879009 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212004900 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212023020 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212091923 CET50027443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212096930 CET4435002713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214159966 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214325905 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214473009 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.359611988 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.359641075 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.359719038 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.381037951 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.394104958 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.394177914 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.394237041 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.402569056 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.408282042 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.422527075 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.422540903 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.422807932 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.425317049 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.425687075 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.425717115 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.426821947 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.426834106 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.427741051 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.427815914 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428402901 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428420067 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428699017 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428724051 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428778887 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.428833961 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429002047 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429065943 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429112911 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429133892 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429141045 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429183960 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429958105 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.429969072 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430183887 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430217028 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430322886 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430396080 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430474043 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430510998 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430537939 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430566072 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430675983 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430701971 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430818081 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430824041 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430938959 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.430951118 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.431047916 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.431071997 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.431097031 CET50033443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.431108952 CET4435003334.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.431817055 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.436547041 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.436563015 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.474365950 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.474365950 CET50042443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.474385023 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.474395990 CET4435004234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.474850893 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.484595060 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.484618902 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.485153913 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.485162020 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.548321962 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.548336983 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.548458099 CET50028443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.548486948 CET44350028172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.549455881 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.549469948 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.549535036 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.551511049 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.551570892 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.560947895 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.560990095 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.561068058 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.618580103 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.618609905 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.620628119 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.620666981 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.620984077 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.621246099 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.621257067 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.753139973 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.753154039 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.769068003 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.769082069 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.769234896 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.769627094 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.769639015 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.772252083 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.772275925 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.772335052 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.772722960 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.772730112 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.780205965 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.855098963 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.858380079 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.858591080 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.860466003 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.862977982 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.863912106 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.867675066 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.876594067 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877620935 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877657890 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877687931 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877693892 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877706051 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.877744913 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.885164022 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.885185003 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.885989904 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.886034012 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.886044025 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.886737108 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.886749029 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.894282103 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.894336939 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.894345999 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.896430969 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.896481991 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917180061 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917200089 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917207956 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917237043 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917247057 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917254925 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917254925 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917269945 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917299032 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.917311907 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.919517040 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.919579983 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.942503929 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.950665951 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.950685024 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.950694084 CET50038443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.950699091 CET4435003813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.951854944 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.951891899 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.951934099 CET50041443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.951948881 CET4435004113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.967523098 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.967570066 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.967658997 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970101118 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970170021 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970364094 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970628977 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970648050 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.970863104 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973304033 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973335981 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973511934 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973548889 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973680973 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.973694086 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.975459099 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.975483894 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.975733042 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.976963997 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.977060080 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.977087975 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.016026020 CET49801443192.168.2.523.1.237.91
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.017421007 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.017432928 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.017457008 CET50044443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.017462015 CET4435004434.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.069029093 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.069080114 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.069122076 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.069138050 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.069192886 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.094094038 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.094173908 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.094185114 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.094233036 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.236094952 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.236159086 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.236238003 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.237162113 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.237318993 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.237411022 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.241575003 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.241616964 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.241671085 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.242225885 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.242238998 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.261217117 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.261255980 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.261357069 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281260014 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281297922 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281663895 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281663895 CET50043443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281718969 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.281749010 CET4435004313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.286366940 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.286390066 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.286443949 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.286684036 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.286695957 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.294229031 CET50036443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.294248104 CET4435003652.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.317866087 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.317884922 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.380108118 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.380142927 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.380239010 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.388689041 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.388701916 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.389349937 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.389415979 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.389482021 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.431782007 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.431809902 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.431827068 CET50045443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.431833982 CET4435004534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.579092979 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.579209089 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.579282999 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.579705000 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.579737902 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.888185978 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.888278961 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.910923004 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.910940886 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.911178112 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.913736105 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.913857937 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.913863897 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.916454077 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.950673103 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.950753927 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.951864004 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.951956987 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.969858885 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.973176003 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.993782997 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.993825912 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.994574070 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.994637012 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.995327950 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:34.995392084 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.000572920 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.000590086 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.000756979 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.000849009 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.001194000 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.001265049 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002037048 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002110958 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002149105 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002187014 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002234936 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.002285957 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.003442049 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.003458023 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.003540039 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.003639936 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.072808981 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.073571920 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.073571920 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.073582888 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.073596954 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.078100920 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.146927118 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.152111053 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.152148008 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.152544022 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.152551889 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.152956963 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.153825998 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.153846979 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.153898001 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.156405926 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.156466007 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.156793118 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.156893015 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.156982899 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.203325987 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.227026939 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.234009981 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.234020948 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.274370909 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.274375916 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.274375916 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.274382114 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.274419069 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.287806034 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.287817001 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288280010 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288285017 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288476944 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288490057 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288640022 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.288666964 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.289130926 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.289186954 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.289587975 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.289598942 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.289645910 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.290139914 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.290183067 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.348947048 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.349023104 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.349301100 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.369297981 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.369507074 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.370337009 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.370379925 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.370444059 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.370558023 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.370637894 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.371701956 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.411345959 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.412309885 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.412326097 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.412379026 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.412393093 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.412492990 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.439894915 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.439902067 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.439940929 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.439975023 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.440022945 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.441941023 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.441948891 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.441989899 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.456617117 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.456677914 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.456932068 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.457009077 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.457011938 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.457036018 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.457082033 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.457098961 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.473592043 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.473917961 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.486745119 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541829109 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541898012 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541924953 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541969061 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541981936 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.541991949 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542021990 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542046070 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542100906 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542107105 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542145967 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.542202950 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.553261995 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.553874969 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.553939104 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.553981066 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.554120064 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.554188013 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.618968010 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.618978977 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.619082928 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.619147062 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.642133951 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.642236948 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.642256021 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.665297031 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.665306091 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.665380955 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.665400982 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.666459084 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668184042 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668195963 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668263912 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668267965 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668296099 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668324947 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668330908 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668356895 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668382883 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.668409109 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.670686960 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.674189091 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.675580978 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696059942 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696068048 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696115971 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696232080 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696233034 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.696260929 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.703773022 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.703881025 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.703883886 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.703923941 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.712523937 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717367887 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717376947 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717410088 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717420101 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717441082 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717447042 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717453003 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717502117 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717534065 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717534065 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.717534065 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.723192930 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.723251104 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.723787069 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.773789883 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.774818897 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.781192064 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.781224012 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.782550097 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.787856102 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.835334063 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.864934921 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.864948034 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865010023 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865027905 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865044117 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865080118 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865087032 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865107059 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.865150928 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.901956081 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.902002096 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.902018070 CET50052443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.902024984 CET4435005234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906101942 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906142950 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906445980 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906478882 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906857014 CET50056443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.906939983 CET4435005635.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907500029 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907511950 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907586098 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907676935 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907701969 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907828093 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907846928 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.907895088 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.908557892 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.908569098 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.910419941 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.910491943 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911067009 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911076069 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911199093 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911289930 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911406994 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.911416054 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.948754072 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.948770046 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.949779034 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.952768087 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.977334023 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.984517097 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.984617949 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.984667063 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:35.999326944 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.020948887 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.020988941 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.021007061 CET50046443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.021014929 CET4435004613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.022027969 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.022048950 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.022349119 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.022355080 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.053483009 CET50055443192.168.2.5216.239.36.181
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.053514004 CET44350055216.239.36.181192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.055401087 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.055932999 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.055967093 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.056221962 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.056442022 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.056451082 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.060339928 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.060348988 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.060425043 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.072947979 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.072958946 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073004961 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073031902 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073049068 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073065996 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073081970 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073096991 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073108912 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073117018 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073133945 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073175907 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073184967 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073196888 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073210001 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073265076 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073266983 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073282003 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073318958 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073324919 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.073389053 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.077372074 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.078674078 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.079437017 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.079468966 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.079554081 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.080275059 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.080284119 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.083229065 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.083308935 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.108202934 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.108248949 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.108901978 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.129688978 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.129734039 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.130069971 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.130075932 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.130507946 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.130601883 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.131205082 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.131217957 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.132361889 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.132376909 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.132931948 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.132937908 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.182491064 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.183531046 CET50050443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.183558941 CET44350050150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.183902025 CET50054443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.183921099 CET44350054104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.192262888 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.192281961 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.193396091 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.194396019 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.194495916 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.194569111 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.211283922 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.211354971 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.211359024 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.211376905 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.211407900 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.213879108 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.215292931 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.215302944 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.215347052 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230412006 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230458021 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230501890 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230514050 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230544090 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230576992 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.230935097 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.234110117 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.234170914 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247119904 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247140884 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247201920 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247221947 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247252941 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.247272968 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.267788887 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.267806053 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.267875910 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.267893076 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.267946005 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.284437895 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.284452915 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.284523964 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.284539938 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.284960985 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.295206070 CET50051443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.295214891 CET4435005113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.314626932 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.314711094 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.327088118 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.327167988 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.327178955 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.327195883 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.327225924 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.346385002 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.346405029 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.346467018 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.346483946 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.346513987 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.363079071 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.363101006 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.363198996 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.363215923 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.365801096 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.365863085 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.365895987 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.365936041 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.395704031 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.395723104 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.395832062 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.408159971 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.408170938 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.408220053 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.408426046 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.408436060 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410012960 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410043955 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410053968 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410068989 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410079002 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410087109 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410087109 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410115957 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410132885 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410219908 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.410271883 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.414967060 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.415139914 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.415210009 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.423860073 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.423875093 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.425375938 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.425466061 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.425551891 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.432543039 CET50049443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.432569981 CET44350049157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.465898991 CET50062443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.465925932 CET4435006234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.466922998 CET50060443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.466928005 CET4435006034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.492671967 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.496387959 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.496552944 CET50053443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.496570110 CET4435005318.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.512325048 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.513315916 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.515403986 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.515479088 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.516438007 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.516490936 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.531569004 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.531569004 CET50059443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.531615019 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.531646013 CET4435005913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.533148050 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.533148050 CET50061443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.533164024 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.533174992 CET4435006113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.535336971 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.542808056 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.543329954 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.546370983 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.546416998 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.546487093 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.551472902 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.551667929 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.551753998 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.565195084 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.565200090 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.565210104 CET50063443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.565215111 CET4435006313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.574127913 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.574167013 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.574217081 CET50064443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.574233055 CET4435006434.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.614371061 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.617738962 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.617788076 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.659476042 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.659498930 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.659554005 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.659903049 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.659919977 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.660006046 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.660177946 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.660188913 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.660339117 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.660351038 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.717371941 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.717386007 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.717441082 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.717681885 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.717691898 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.729073048 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.729125023 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.729198933 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.742902994 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.742930889 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.743019104 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.744508028 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.744545937 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.812000036 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.812040091 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.813841105 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.813875914 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.813926935 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.814048052 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.814059019 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.848355055 CET50057443192.168.2.5172.217.19.2
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.848366022 CET44350057172.217.19.2192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.033354044 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.033437014 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.033576012 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.052793980 CET50039443192.168.2.552.209.8.105
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.052808046 CET4435003952.209.8.105192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.317251921 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.346986055 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.347054958 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.347182989 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353189945 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353199005 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353527069 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353579044 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353585005 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.353604078 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.356915951 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.356978893 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.357126951 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.393978119 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.394042015 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.403330088 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.427494049 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.427508116 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.427748919 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.428797960 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.428944111 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.428949118 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550339937 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550364017 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550407887 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550407887 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550426960 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550442934 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550445080 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550465107 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550476074 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550477028 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550513029 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.550523996 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.555970907 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.556029081 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.556066036 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.556122065 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604633093 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604645014 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604680061 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604693890 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604715109 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604722023 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604751110 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.604773045 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.609654903 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.609819889 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.610043049 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.610059977 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.610136986 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751734972 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751754999 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751791000 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751796961 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751822948 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751841068 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751842022 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751856089 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751868010 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.751897097 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.753596067 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.753650904 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.768943071 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.768973112 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.769046068 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.769342899 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.769355059 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.774955988 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.774967909 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.775029898 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.775068045 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.775075912 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.775084972 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.788557053 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.788640022 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.788677931 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.790944099 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.790985107 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.790992022 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.791024923 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.791069984 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.791074038 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.808039904 CET50077443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.808052063 CET4435007735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812141895 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812179089 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812191963 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812201977 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812233925 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.812258005 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.815996885 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.816112041 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.816164970 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.825417995 CET50047443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.825423956 CET44350047157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.842577934 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.843000889 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.843010902 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.844085932 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.844137907 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.846026897 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.846081018 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.847163916 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.847170115 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.863877058 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.863940001 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.863997936 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.889234066 CET50079443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.889261007 CET4435007934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.894768000 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.900590897 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.900619984 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.901062012 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.901067972 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.973238945 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.979779959 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.979867935 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.984169006 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.984179020 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.984425068 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.985456944 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.985584974 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.985614061 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007491112 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007535934 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007601976 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007664919 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007699966 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.007755041 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.008132935 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.008157969 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.008297920 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.008311033 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.052033901 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.056484938 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.056493998 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.057349920 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.057406902 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.063141108 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.063196898 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.063498020 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.063505888 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.175961018 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.220040083 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.340492010 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.342788935 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.345895052 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.346297979 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.358943939 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.367281914 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.367393017 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.367451906 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.442960024 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.443038940 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.443207979 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.472995043 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.535028934 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.537456989 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.579087019 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.579142094 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.579181910 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.589904070 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.589915991 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.590352058 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.590354919 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.590630054 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.590645075 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.591017962 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.591022968 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.593055010 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.593075037 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.594639063 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.594655991 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.594733000 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.595199108 CET50108443192.168.2.566.102.1.155
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.595206022 CET4435010866.102.1.155192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.597825050 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.599054098 CET50104443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.599059105 CET4435010454.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.605650902 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.605739117 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.605787992 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606137037 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606142044 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606156111 CET50078443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606159925 CET4435007813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606404066 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606695890 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.606707096 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.607333899 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.607337952 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.608720064 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.608741999 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.608819008 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.609040976 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.609051943 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.610819101 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.610826969 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.610841036 CET50110443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.610846043 CET4435011034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.614850998 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.614856005 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.615261078 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.615264893 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.619489908 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.619513035 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.619575024 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.619812965 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.619826078 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.651326895 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.775012970 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.775026083 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.940902948 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944127083 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944288015 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944329023 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944350958 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944360971 CET50103443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.944366932 CET4435010313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.950139999 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.950190067 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.950305939 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.950692892 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.950706959 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.975207090 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.065885067 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.066011906 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.066216946 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.071043968 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.071069956 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.071115017 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.071125984 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.071160078 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.083358049 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.083388090 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.083488941 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.083501101 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.086560965 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.086611032 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.095484018 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.095570087 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.099498034 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.099512100 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.099539995 CET50111443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.099545002 CET4435011113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.101541042 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.101546049 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.101555109 CET50113443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.101560116 CET4435011313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.102269888 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.102273941 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.102289915 CET50112443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.102298021 CET4435011213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.105550051 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.105556011 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.105815887 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.106708050 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.106914997 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.106942892 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.112348080 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.112404108 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.112571955 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.114736080 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.114757061 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.115067959 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130846977 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130875111 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130886078 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130903959 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130913973 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130923986 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130945921 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130964041 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.130979061 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.131059885 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.133650064 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.133656979 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.133898020 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.134428024 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.134468079 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.140594959 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.140607119 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.193497896 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.193519115 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325278997 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325313091 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325330973 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325350046 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325377941 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325397015 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325414896 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325421095 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325444937 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325467110 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325467110 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.325479984 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376462936 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376471996 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376524925 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376535892 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376581907 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376612902 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376624107 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376632929 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376632929 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.376678944 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.452883005 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.475935936 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.475970984 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.479626894 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.479716063 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.481914043 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.482120991 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.482130051 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510782003 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510792017 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510827065 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510842085 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510871887 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.510890007 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.511050940 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.513523102 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.515892982 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.515939951 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517010927 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517082930 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517404079 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517477036 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517573118 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.517590046 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.523355961 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546065092 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546072960 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546120882 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546199083 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546200037 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546211958 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.546262980 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.556879044 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.556947947 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.556982040 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557024002 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557038069 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557081938 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557087898 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557104111 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.557152033 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.565340042 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.572000980 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.572021008 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.573781967 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.573834896 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.573847055 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575404882 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575422049 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575505972 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575519085 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575579882 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575804949 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.575860977 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.593429089 CET50126443192.168.2.534.149.202.126
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.593439102 CET4435012634.149.202.126192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609366894 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609430075 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609462023 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609476089 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609524012 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.609524012 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.650098085 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.726658106 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.726675034 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.726824045 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.726845026 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.727005959 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.745817900 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.745831966 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.745940924 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.745949984 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.746198893 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767271996 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767298937 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767350912 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767364025 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767638922 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.767638922 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.775949955 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.788697004 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.788716078 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.789545059 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.789557934 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.790606022 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.804111958 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.804177999 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.804610968 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.830377102 CET50109443192.168.2.513.33.187.74
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.830394983 CET4435010913.33.187.74192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.931575060 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.931648016 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.943427086 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.943469048 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.943671942 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.945842028 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.945945024 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.945960045 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.976115942 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.976306915 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:39.976412058 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.069291115 CET50127443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.069361925 CET44350127157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176019907 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176179886 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176253080 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176276922 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176352024 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.176429987 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.206455946 CET50128443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.206486940 CET44350128157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.410351992 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415198088 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415225983 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415252924 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415591955 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415653944 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415659904 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.415690899 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.418668985 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.418678999 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.418694973 CET50141443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.418699980 CET4435014134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.430305958 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.430319071 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.430399895 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.435125113 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.435133934 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.667905092 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.718895912 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.718914032 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.719906092 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.719911098 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.853601933 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.856740952 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.856844902 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.856985092 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.858840942 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.858841896 CET50140443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.858859062 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.858869076 CET4435014013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.928828955 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.944003105 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.974296093 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.997396946 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.997411013 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.998104095 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.998115063 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.998734951 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.998770952 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.999367952 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:40.999381065 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.014997005 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.015034914 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.015183926 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.015367985 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.015376091 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.025005102 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.101558924 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.104891062 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.104991913 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.147881031 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.377648115 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.380748987 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.380798101 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.380835056 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.380872011 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.392729044 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.396178961 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.396239996 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.421591997 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.421603918 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422090054 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422096014 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422254086 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422254086 CET50160443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422264099 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.422276020 CET4435016013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.473758936 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.473758936 CET50158443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.473773956 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.473783970 CET4435015813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.483277082 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.483297110 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.483309984 CET50159443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.483319044 CET4435015913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.706053972 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.706114054 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.747168064 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.747191906 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.747261047 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.747267962 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.750319958 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.753598928 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.775629044 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.775644064 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.775851965 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.778240919 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.778417110 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.778422117 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.780234098 CET50162443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.780245066 CET4435016213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.856684923 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.856728077 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.856806040 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.868575096 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.868604898 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.868760109 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869183064 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869204044 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869292021 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869596958 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869612932 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869762897 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869786978 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869805098 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869864941 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.869869947 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.014317036 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.014348984 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.015563011 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.015585899 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.172836065 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.172894001 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.172949076 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.230403900 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.230405092 CET50182443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.230429888 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.230452061 CET4435018234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.312263966 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.312300920 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.312889099 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.313163996 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.313183069 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.543941021 CET49993443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.543972015 CET4434999334.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.544945002 CET49994443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.544965029 CET4434999434.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.582897902 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.582966089 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.583167076 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.583337069 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.583349943 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.590040922 CET49996443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.590061903 CET4434999634.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.590884924 CET49995443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.590897083 CET4434999534.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.592291117 CET50017443192.168.2.534.160.176.28
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.592308998 CET4435001734.160.176.28192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.592515945 CET50016443192.168.2.534.111.175.102
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.592521906 CET4435001634.111.175.102192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:42.880868912 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.039917946 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.071880102 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.071913958 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.071983099 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.072350979 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.072365046 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.147655964 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.147684097 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.148622036 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.148627043 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.156949997 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.156966925 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.157031059 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.158552885 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.158562899 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.485061884 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.487999916 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.488063097 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.488123894 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.488312006 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.533324957 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.533406019 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.550970078 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.550997972 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.551038027 CET50200443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.551078081 CET4435020013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.565373898 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.565396070 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.566221952 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.567425013 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.567517042 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.567627907 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.667419910 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.678384066 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.713615894 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.713638067 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.713689089 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.714250088 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.714279890 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.714689016 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.714695930 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.715375900 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.715392113 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.715760946 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.715766907 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.746944904 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.746963024 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.798060894 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.799164057 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.841104031 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.841167927 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.877230883 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.877573013 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.963139057 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.963157892 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.963613033 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.963617086 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.964735985 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.964756012 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.965148926 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.965152979 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.988517046 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.988605976 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:43.988678932 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.288455009 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.289833069 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.290162086 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.290246964 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.292578936 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.292633057 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.292694092 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.293541908 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.296571016 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.296621084 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.337272882 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.337342978 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.340447903 CET50226443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.340467930 CET4435022634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348345041 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348365068 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348401070 CET50210443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348407030 CET4435021013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348643064 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348668098 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348685026 CET50213443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.348691940 CET4435021313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.350449085 CET50211443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.350455046 CET4435021113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.393626928 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.393661022 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.394583941 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.396507978 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.396656036 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.396697044 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.429640055 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.429649115 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.429719925 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.442573071 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.445519924 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.445586920 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.474760056 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.474839926 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.576638937 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.576658964 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.576714993 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.577029943 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.577039003 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602241993 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602257967 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602819920 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602834940 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602847099 CET50212443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.602853060 CET4435021213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.606031895 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.606044054 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.606919050 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.607875109 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.608017921 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.608081102 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.682651997 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.682676077 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.682744026 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.687964916 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.687978983 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.724739075 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.724760056 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.724865913 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.736020088 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.736049891 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.736152887 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.741122007 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.741144896 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.741283894 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.745408058 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.745420933 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.754369974 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.754384041 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.756628036 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.756644964 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.796787024 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.796885014 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.796945095 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.845067978 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.845098019 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.845206976 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.846332073 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.846368074 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.846431017 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.847022057 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.847033024 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.847181082 CET50230443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.847186089 CET4435023034.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.848022938 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.848108053 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.848315001 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849442959 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849457979 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849525928 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849595070 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849607944 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.849662066 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.850927114 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.850964069 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.851109982 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.853445053 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.853527069 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.853595972 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854585886 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854597092 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854723930 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854743958 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854856968 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.854891062 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855318069 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855326891 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855612993 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855624914 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855828047 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.855848074 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.856987953 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.857021093 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.081526995 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.081692934 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.081751108 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.088135004 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.088151932 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.088162899 CET50231443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.088167906 CET4435023134.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.577496052 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.587951899 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.587975979 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.588408947 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.588414907 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.848781109 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.848902941 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.870601892 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.870615005 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.871577978 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.872373104 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.872580051 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:45.872629881 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.017487049 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.021095991 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.021152973 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.021171093 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.021226883 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.021378994 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.034931898 CET50240443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.034949064 CET4435024013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.079617977 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.092612982 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.092638969 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.092720985 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.094028950 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.094047070 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.095207930 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.095231056 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.098848104 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.098938942 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.102231026 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.102411985 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.102438927 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.109515905 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.137970924 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.138006926 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.139214993 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.140079021 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.140253067 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.140367031 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.143356085 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.166924953 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.166955948 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.183339119 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.226435900 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.231920958 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.256335974 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.256360054 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.257417917 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.257467985 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.260899067 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.260906935 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.261972904 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.262032032 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.264178038 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.264242887 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.264853954 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.264914036 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.265582085 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.265589952 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.265750885 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.265757084 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.276885986 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.281976938 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.293858051 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.293875933 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.297866106 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.297997952 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.299269915 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.299302101 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.299505949 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.300360918 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.300371885 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.307223082 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.307378054 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.309721947 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.309753895 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.309767962 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.309803009 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.309864044 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.328437090 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.328454018 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.328464031 CET50269443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.328470945 CET4435026934.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.353322983 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.353357077 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.353429079 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.353646994 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.353662014 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.396615982 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.396780968 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.396919966 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.400722980 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.412254095 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.412276983 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.412705898 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.412712097 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.471332073 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.471337080 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.471379042 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.471404076 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.472203016 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.476717949 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.484357119 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.484400034 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.485501051 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.485516071 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.490087032 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.490592003 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.490616083 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.490973949 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.490983963 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.492492914 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.493020058 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.493036985 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.493401051 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.493406057 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.643471003 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.643635035 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.643693924 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.655977011 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.657552004 CET50280443192.168.2.563.34.142.90
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.657581091 CET4435028063.34.142.90192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.658230066 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.658284903 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.662138939 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.662213087 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.662915945 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.663034916 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.663475990 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.663494110 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.686805010 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.728673935 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.768611908 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.768686056 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.771750927 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.775378942 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.775651932 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.793086052 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.808131933 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.808233976 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.808296919 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811074018 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811235905 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811455011 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811790943 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811850071 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.811924934 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.848088980 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.851608992 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.851686001 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.912290096 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.915605068 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.915653944 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.915832996 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.966746092 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.966763973 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.966859102 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.966891050 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968434095 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968451977 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968508959 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968524933 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968527079 CET50295443192.168.2.5162.159.140.229
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968545914 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968560934 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.968576908 CET44350295162.159.140.229192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.969176054 CET50293443192.168.2.5104.244.42.3
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.969198942 CET44350293104.244.42.3192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.969897985 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.969989061 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.970442057 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.970526934 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.973330021 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.973346949 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.973783016 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.973793983 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.975388050 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.978693962 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.978738070 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.978744030 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.978777885 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.989725113 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.992872953 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.992928982 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.050024986 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.081139088 CET50266443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.081160069 CET4435026613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082634926 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082650900 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082674980 CET50287443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082685947 CET4435028713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082861900 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082879066 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082895041 CET50286443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.082901001 CET4435028613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.085530043 CET50285443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.085542917 CET4435028513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.102125883 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.102147102 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.102292061 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.104126930 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.104163885 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.104218960 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.129090071 CET50031443192.168.2.5172.66.0.227
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.129101992 CET44350031172.66.0.227192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.168804884 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.210680962 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.210699081 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.215147018 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.215184927 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.216135025 CET50292443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.216149092 CET44350292172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.216456890 CET50291443192.168.2.5172.179.182.7
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.216466904 CET44350291172.179.182.7192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.230756998 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.230797052 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.230858088 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.232146025 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.232163906 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.259572029 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.259593010 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.259649992 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.259764910 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.259778023 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.264714956 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.264767885 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.264834881 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.264857054 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.264941931 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.281213045 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.281233072 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.281279087 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.289628029 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.289695024 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.289716005 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.289745092 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.289772987 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.306351900 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.306432009 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.306451082 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.306504011 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.460359097 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.460381031 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.460427999 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.475285053 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.475347042 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.475366116 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.475419044 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.482924938 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.482948065 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.483000994 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.490453959 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.490528107 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.490542889 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.505429983 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.505501032 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.505556107 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.505700111 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.519432068 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.520387888 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.520397902 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.520464897 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.528141975 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.528227091 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.543332100 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.543416977 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.558124065 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.558188915 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560553074 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560569048 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560614109 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560628891 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560669899 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560688019 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560720921 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560736895 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560736895 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560736895 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560736895 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560750008 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.560765982 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.578947067 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579216003 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579521894 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579701900 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579713106 CET44350288108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579721928 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.579755068 CET50288443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.617253065 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.617317915 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.618990898 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.618999004 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.619234085 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.620210886 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.620320082 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.620347023 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.656141043 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.656213045 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.666121006 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.666178942 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.668090105 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.668162107 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.673964977 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.674027920 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.685384035 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.685466051 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.696017027 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.696089029 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.701399088 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.701466084 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.702598095 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.712610006 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.712682009 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.717473984 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.717483997 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.717758894 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.718957901 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.719121933 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.719147921 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.722769022 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.722831964 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.728123903 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.728194952 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.738826036 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.738892078 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.749414921 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.749479055 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760178089 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760230064 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760237932 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760245085 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760289907 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760298967 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760313988 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760351896 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760365963 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760379076 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760379076 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760394096 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.760421038 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.765531063 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.765603065 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.773536921 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.773603916 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.784229040 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.784303904 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796238899 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796251059 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796305895 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796318054 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796334982 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796365023 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796371937 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796386957 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.796403885 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.845072985 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.845155954 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.851114035 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.851187944 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.855302095 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.855370998 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.863401890 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.863471985 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.870893955 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.870965004 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.874833107 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.874907017 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.881773949 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.881855011 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.888627052 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.888757944 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.892030001 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.892107964 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.898783922 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.898850918 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.905025005 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.905088902 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.911390066 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.911452055 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.913352966 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.913414955 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.917157888 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.917221069 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.920710087 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.920783997 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921540976 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921555042 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921607018 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921616077 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921637058 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.921689034 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.922581911 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.922641993 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.926486969 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.926543951 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.930047989 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.930107117 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.932879925 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.932939053 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.934804916 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.934880018 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.936680079 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.936764002 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.940608978 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.940742016 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.940759897 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.944159031 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.944228888 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.944242954 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.944297075 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.947849035 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.947937965 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.948225975 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.980587959 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.980622053 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.981036901 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.981049061 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.009812117 CET50289443192.168.2.5108.158.75.13
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.009825945 CET44350289108.158.75.13192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.039102077 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.039165020 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.042644024 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.042714119 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.044531107 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.044588089 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.048291922 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.048356056 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.051541090 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.051601887 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.054923058 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.054981947 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.056622982 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.056684017 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.059736967 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.059798002 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.062762976 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.062825918 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.064441919 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.064508915 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.067306042 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.067377090 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.070291996 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.070359945 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.071737051 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.071808100 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.074435949 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.074496031 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.077203035 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.077265978 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.078811884 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.078879118 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.081566095 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.081630945 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.082856894 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083040953 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083105087 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083211899 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083233118 CET4435029020.50.2.53192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083255053 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.083287954 CET50290443192.168.2.520.50.2.53
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.087924957 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.087994099 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.088036060 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.088296890 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.088303089 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.088315964 CET50345443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.088324070 CET4435034534.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.136667967 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.136754036 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.136815071 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.138963938 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.138968945 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.138981104 CET50352443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.138983965 CET4435035234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.401199102 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.403875113 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.403928041 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.424678087 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.424678087 CET50343443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.424701929 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.424724102 CET4435034313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.469533920 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.469585896 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.469654083 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.470753908 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.470798016 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.473170042 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.473226070 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.473294020 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.526658058 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.526684999 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785478115 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785564899 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785615921 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785648108 CET44350048150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785693884 CET44350030104.244.42.195192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785737991 CET4434986034.96.102.137192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785756111 CET50048443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785799980 CET50030443192.168.2.5104.244.42.195
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.785800934 CET49860443192.168.2.534.96.102.137
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.940431118 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.945540905 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.945540905 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.945581913 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.945614100 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.984091997 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.988723040 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.988739967 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.991682053 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:48.991686106 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.006273031 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.006583929 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.006603003 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.007584095 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.007590055 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.022469044 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.024532080 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.024532080 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.024549961 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.024559975 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.326478004 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.326543093 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.326622963 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.331588030 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.331618071 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.377471924 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.380585909 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.380661964 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.420671940 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.423769951 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.423845053 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.451673985 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.454854012 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.454967976 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461493969 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461528063 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461565018 CET50371443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461582899 CET4435037113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.463855982 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.463893890 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464086056 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464102983 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464138031 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464236975 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464553118 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464565992 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464833021 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464842081 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464843988 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464864016 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464917898 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464927912 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465095997 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465123892 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465310097 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465316057 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465321064 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465342045 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.465390921 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.467606068 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.467621088 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.468498945 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.468571901 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.468571901 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.468813896 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.468830109 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.473927021 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.473927021 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.473952055 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.473974943 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.475795984 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.475796938 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.476131916 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.476131916 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.476157904 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.476181984 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.479829073 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.479836941 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.479912996 CET50375443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.479918003 CET4435037513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.499530077 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.499537945 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.499573946 CET50372443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.499581099 CET4435037213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.502392054 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.502397060 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.502424955 CET50374443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.502429962 CET4435037413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.558624983 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.558672905 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.558773041 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.780498981 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.780606031 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.015589952 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.015623093 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.127970934 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.128004074 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.128278017 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.195537090 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.231477976 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.231512070 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.231566906 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.232424974 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.232466936 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.232532024 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.318197966 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329169035 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329180002 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329236984 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329293966 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329308033 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329390049 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329402924 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329868078 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.329894066 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.342386961 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.342443943 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.342811108 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.342828989 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.432624102 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.432727098 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.432760954 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.586291075 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.586596966 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.586615086 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.586944103 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.587258101 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.587333918 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.587384939 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.635335922 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.762204885 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.765219927 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.765309095 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.765331984 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.765403986 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.777604103 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.792037964 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.792037964 CET50417443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.792083979 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.792129040 CET4435041713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.802567959 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.802591085 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.803749084 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.803808928 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.853960037 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.854080915 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.854476929 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.854499102 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.940506935 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.952223063 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.952250957 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.952349901 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.972317934 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.972332954 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105989933 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106070995 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106283903 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106312037 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106323957 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106359959 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106406927 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106414080 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106431961 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106472015 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106478930 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106514931 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109323978 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109394073 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109831095 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109843969 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109930992 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.109955072 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.110713959 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.110888958 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.110899925 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111084938 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111090899 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111169100 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111169100 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111413956 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.111465931 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112179041 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112238884 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112402916 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112415075 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112454891 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112479925 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.112958908 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113040924 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113101959 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113107920 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113141060 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113152027 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113244057 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113251925 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113409042 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113564968 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.113578081 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.114586115 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.114645004 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.114922047 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.114983082 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.115055084 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.120567083 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.120580912 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.120640039 CET50416443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.120646954 CET4435041634.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.124114037 CET50435443192.168.2.5104.18.87.42
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.124138117 CET44350435104.18.87.42192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.155333042 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.155752897 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.155766964 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.155925989 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.156191111 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.156198978 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.199712992 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.199739933 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.200118065 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.200169086 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.200757027 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.247328997 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.251732111 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.251740932 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.251741886 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.251796961 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.251812935 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.387672901 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.422492027 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.423337936 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.470045090 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.470128059 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.470210075 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.475589991 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.475603104 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.475795984 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.475841045 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.476977110 CET50447443192.168.2.535.244.154.8
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.477006912 CET4435044735.244.154.8192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479415894 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479444027 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479473114 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479677916 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479712009 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479747057 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.479990959 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480164051 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480520010 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480671883 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480679989 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480720043 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.480720043 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.523336887 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.548614979 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.548635006 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.560102940 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.564285040 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.576906919 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.576919079 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.576950073 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.576967001 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.576975107 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.577001095 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.601941109 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.601950884 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.602016926 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.602036953 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.602046013 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.602068901 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.645351887 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.645410061 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.645416975 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649044991 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649120092 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649122000 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649152994 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649207115 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.649223089 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682035923 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682092905 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682123899 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682147980 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682214975 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682231903 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682245016 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.682272911 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685842037 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685866117 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685873032 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685900927 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685910940 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685918093 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685929060 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685956001 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685980082 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.685983896 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.686177015 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.690396070 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.691580057 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.691586971 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.691627026 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.697879076 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.697932959 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.706165075 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.706360102 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.706367970 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.706554890 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.714550018 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.714612961 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.714654922 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.714692116 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.751734972 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.751743078 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.751746893 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.751755953 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.751796007 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756315947 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756342888 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756385088 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756417036 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756434917 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756465912 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756526947 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756526947 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756547928 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756892920 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.756906986 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768409014 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768423080 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768477917 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768521070 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768541098 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768541098 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768562078 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768590927 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.768615007 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787806988 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787831068 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787848949 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787863016 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787873983 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.787902117 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.801795959 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.801866055 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.805917025 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.805963039 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811506033 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811526060 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811558962 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811563969 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811589956 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811599970 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.811619997 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834142923 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834163904 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834181070 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834203005 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834235907 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.834265947 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.839310884 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.839371920 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.839399099 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.839519978 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.839570999 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846407890 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846421957 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846442938 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846451044 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846457005 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846468925 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846489906 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846513987 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.846537113 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.849940062 CET50446443192.168.2.518.66.102.106
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.849956036 CET4435044618.66.102.106192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.883475065 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.883531094 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.886626959 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.887073994 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.887132883 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888628960 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888748884 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888755083 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888957977 CET50445443192.168.2.5150.171.27.10
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888973951 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.888988972 CET44350445150.171.27.10192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893234015 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893243074 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893280029 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893297911 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893301010 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893317938 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893331051 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893333912 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893352032 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.893373013 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896454096 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896462917 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896528006 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896559954 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896583080 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896583080 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896600962 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896630049 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896661997 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896661997 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896667957 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896672010 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896673918 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896708965 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896729946 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.896780014 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.900000095 CET50229443192.168.2.534.111.24.1
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.900011063 CET4435022934.111.24.1192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.903584957 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.903650045 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.904242039 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.904262066 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932037115 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932048082 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932106972 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932128906 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932167053 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932183981 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932207108 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.932231903 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934206009 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934212923 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934251070 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934262991 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934273958 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934290886 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934303999 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934304953 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934320927 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934333086 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.934343100 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965225935 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965250015 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965256929 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965322018 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965327978 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965359926 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965380907 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965409994 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965421915 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965421915 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965430975 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.965451956 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.004137993 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.004317045 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.004381895 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.034790993 CET50441443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.034831047 CET4435044152.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.070636988 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.070660114 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.070749044 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.070808887 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.070921898 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071203947 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071213961 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071250916 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071269989 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071285009 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071300030 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.071340084 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.075208902 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.075270891 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.085212946 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.085300922 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.095778942 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.095818996 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.095861912 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.095870972 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.095909119 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099102974 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099157095 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099174976 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099200010 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099212885 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.099647045 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.107259989 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.107347012 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.107353926 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.108273029 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.124358892 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.124376059 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.124442101 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.124459028 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.127873898 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131458044 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131517887 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131542921 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131551981 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131587029 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.131613970 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.153022051 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.153038025 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.153109074 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.153117895 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.155611992 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.183430910 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.186299086 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.186732054 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.235579967 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.235641956 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.251751900 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.263344049 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.263406038 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.263421059 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.263437986 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.263463020 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.269354105 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.269404888 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.269412041 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.269591093 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284096003 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284137964 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284152985 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284158945 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284194946 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.284226894 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.287509918 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.287539005 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.288475037 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.288502932 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.288954020 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.288964033 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.289442062 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.289458036 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.290189028 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.290194988 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.303895950 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.303913116 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.303968906 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.303977013 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.304028034 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.323858023 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.323873043 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.323935032 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.323947906 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.325596094 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.339692116 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.341105938 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.341125011 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.341190100 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.341198921 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.342710972 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.342780113 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.343604088 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.346604109 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.346668005 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.360246897 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.360297918 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.360362053 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.360379934 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.360408068 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.373589039 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.373678923 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.379514933 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.379533052 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.379611015 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.379618883 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.439872980 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460552931 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460592031 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460628986 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460656881 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460664988 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460686922 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460695982 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.460740089 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.624074936 CET50444443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.624106884 CET44350444157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.625308990 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.635054111 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.635807991 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.635808945 CET50449443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.635895014 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.635924101 CET4435044913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.637527943 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.637573004 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638257027 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638300896 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638812065 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638879061 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638885975 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.638938904 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.639266968 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640073061 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640278101 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640300989 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640846014 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640924931 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640943050 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.640975952 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.641110897 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.641187906 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.671426058 CET50442443192.168.2.552.50.80.142
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.671437979 CET4435044252.50.80.142192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.673677921 CET50443443192.168.2.5157.240.196.15
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.673693895 CET44350443157.240.196.15192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716078043 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716098070 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716099977 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716111898 CET50453443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716120005 CET4435045313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716121912 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716133118 CET50450443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.716139078 CET4435045013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.718528032 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.718528032 CET50451443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.718559980 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.718601942 CET4435045113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.758713961 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.758744001 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.758914948 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.785262108 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.785289049 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.785356998 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.785665035 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.785676956 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.790355921 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.790374041 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.792778015 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.792836905 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.792905092 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.793318033 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.793343067 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.794581890 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.794621944 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.794759989 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.794899940 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.794912100 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.841274977 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.851336956 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.851353884 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.852000952 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:52.852005959 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.017942905 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.018013954 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.054569960 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.054579973 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.054841995 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.054891109 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.065215111 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.065248013 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.092708111 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.092909098 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.093245029 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.103162050 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.103178978 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.103193998 CET50477443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.103199959 CET4435047734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.125413895 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.125479937 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.125544071 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.125780106 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.125828981 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.295599937 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.299494028 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.303340912 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.306627989 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.306627989 CET50468443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.306648970 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.306665897 CET4435046813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.345912933 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.345948935 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.346034050 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.361071110 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.361097097 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.479994059 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.480061054 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.480115891 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.481549978 CET50508443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:53.481560946 CET4435050834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.429430008 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.429532051 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.432770967 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.432806969 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.433088064 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.433877945 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.433979034 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.434005022 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.503258944 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.503644943 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.503669024 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.504111052 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.504115105 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.505431890 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.505855083 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.505886078 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.506237030 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.506241083 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.578550100 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.579560995 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.579588890 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.579765081 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.580275059 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.580286026 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.584003925 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.584084988 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.584553003 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.584569931 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.901530981 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.901699066 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.901778936 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.924017906 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.924084902 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.924123049 CET50527443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.924155951 CET4435052734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.938172102 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.940109968 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.941194057 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.941253901 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.943353891 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.943414927 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.943459988 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.980168104 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.980206966 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.980218887 CET50515443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.980226040 CET4435051513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.981285095 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.981326103 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.981340885 CET50518443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:54.981348038 CET4435051813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.032207966 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.032234907 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.032299995 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.032335997 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.033368111 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.033387899 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.033453941 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.033502102 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.035902023 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.035995007 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.036988020 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.039685965 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.343877077 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.343929052 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.343961000 CET50520443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.343977928 CET4435052013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.344201088 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.344201088 CET50519443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.344229937 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.344253063 CET4435051913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.380778074 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.380798101 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.380856037 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.418344975 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.418369055 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.418454885 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.418472052 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.418508053 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.429169893 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.429197073 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.433897018 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.433916092 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.434015989 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.434118032 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.434127092 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.435369015 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.435425997 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.435502052 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.476200104 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.502157927 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.502209902 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.503439903 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.503458023 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.503917933 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.503923893 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.925039053 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.928221941 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.928267002 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.928267956 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.928308010 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.948743105 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.948743105 CET50534443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.948754072 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.948761940 CET4435053413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.965287924 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.965295076 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.965344906 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.969032049 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:55.969043970 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.110589027 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.110635996 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.110694885 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.118690968 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.118719101 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466159105 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466196060 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466247082 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466440916 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466469049 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466516018 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.466988087 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467005968 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467056990 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467397928 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467411995 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467664957 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467679977 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467978001 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.467998028 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.220401049 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.220978022 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.220997095 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.221590996 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.221595049 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.273199081 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.273710012 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.273726940 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.274272919 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.274277925 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.278371096 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.279218912 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.279273033 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.281601906 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.281620026 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.288346052 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.289005995 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.289057016 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.289443016 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.289452076 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.433372974 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.433583975 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.435822964 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.435841084 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.436216116 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.482002020 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.483680010 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.483753920 CET4435059234.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.670811892 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.673839092 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.673902988 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.674578905 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.674587965 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.674598932 CET50572443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.674602032 CET4435057213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.680546999 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.680556059 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.680607080 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.683475971 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.683485985 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.697767019 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.698409081 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.698435068 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.698970079 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.698975086 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.727705956 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.731730938 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.731785059 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.732398033 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.732408047 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.732419014 CET50565443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.732424021 CET4435056513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.734237909 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735025883 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735096931 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735110998 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735140085 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735177040 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735210896 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735210896 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735259056 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735490084 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735490084 CET50573443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735508919 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735531092 CET4435057313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.735748053 CET50592443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737035990 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737065077 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737617970 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737658024 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737719059 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737812042 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737812042 CET50569443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737853050 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.737878084 CET4435056913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.739645958 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.739659071 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.739712954 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742100000 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742124081 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742182016 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742321014 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742347956 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742487907 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.742497921 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.864181995 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.864396095 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.864414930 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.865456104 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.865529060 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.866715908 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.866797924 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.867218971 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.867228031 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.896321058 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.896595001 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.896617889 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.898547888 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.898606062 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.898931980 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.899029016 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.899137020 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.899146080 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.908968925 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.909195900 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.909214973 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910202980 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910263062 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910577059 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910638094 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910715103 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.910721064 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.944050074 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:57.975241899 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.053361893 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.135565996 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.138613939 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.138664961 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.145279884 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.145287037 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.145298958 CET50587443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.145302057 CET4435058713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.157171965 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.157195091 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.157258987 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.158710003 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.158724070 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.389686108 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.389755011 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.389811993 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.390224934 CET50596443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.390238047 CET44350596157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423257113 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423325062 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423368931 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423738956 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423748970 CET4435059854.246.144.89192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423768997 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.423791885 CET50598443192.168.2.554.246.144.89
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.502963066 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503012896 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503051996 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503071070 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503102064 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503138065 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503144026 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503163099 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503207922 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503879070 CET50597443192.168.2.5157.240.196.35
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:58.503887892 CET44350597157.240.196.35192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.463860989 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.464334011 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.464415073 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.464735031 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.464992046 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.465008020 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.465475082 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.465492964 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.465845108 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.465848923 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.487137079 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.487575054 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.487591982 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.488034010 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.488038063 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.528588057 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.529572010 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.529613018 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.530066967 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.530078888 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.905158997 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.905324936 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908351898 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908411026 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908807993 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908853054 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908859015 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.908899069 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.940300941 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.943146944 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.943201065 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.943212986 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.943375111 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.943428993 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.962970972 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.962980032 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.962986946 CET50625443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.962990999 CET4435062513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.964555979 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.964577913 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.964603901 CET50626443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.964620113 CET4435062613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.968183994 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.968183994 CET50622443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.968190908 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.968197107 CET4435062213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.979465008 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.983237028 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:59.983285904 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.014832020 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.014868021 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.014889002 CET50624443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.014897108 CET4435062413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.019587040 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030617952 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030630112 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030679941 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030713081 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030735970 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030790091 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030972958 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.030985117 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.031450033 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.031454086 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.032463074 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.032473087 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.032520056 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.032653093 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.032664061 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.033171892 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.033185005 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.033395052 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.033410072 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.034039974 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.034063101 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.034110069 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.034225941 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.034239054 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.478508949 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481718063 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481781960 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481820107 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481837988 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481848001 CET50632443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.481853962 CET4435063213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.485505104 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.485557079 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.485616922 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.486238956 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:00.486253023 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.758810043 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.759309053 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.759392023 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.759891987 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.759908915 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.824429035 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.824866056 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.824887037 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825097084 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825334072 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825339079 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825421095 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825464964 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825823069 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.825834036 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.908978939 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.909462929 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.909483910 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.909965992 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:01.909971952 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.193511963 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.194171906 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.194226027 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.194308043 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.194365025 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.195087910 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.195110083 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.195128918 CET50651443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.195136070 CET4435065113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.211733103 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.211787939 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.211848021 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.218791008 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.218827009 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.226058006 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.230016947 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.230057001 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.230680943 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.230686903 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.268604994 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.269598007 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.271800995 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.271853924 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.271944046 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.272625923 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.273653030 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.278034925 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.278270006 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.278270006 CET50649443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.278314114 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.278337002 CET4435064913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.279198885 CET50652443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.279217958 CET4435065213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.360402107 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.360604048 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.360693932 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.554780960 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.554802895 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.554815054 CET50650443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.554820061 CET4435065013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.558989048 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.559009075 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.559254885 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.560952902 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.560966969 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.568226099 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.568285942 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.568737984 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.568856001 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.568871975 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.569377899 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.569387913 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.573637962 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.573837042 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.573843002 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.661465883 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.664509058 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.665751934 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.670706034 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.670732021 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.670747042 CET50656443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.670753002 CET4435065613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.673742056 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.673778057 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.673865080 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.675343037 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:02.675359011 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:03.878771067 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:03.878806114 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:03.878891945 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:03.879168034 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:03.879183054 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.086800098 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.090307951 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.090325117 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.090792894 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.090805054 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.298032999 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.299451113 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.299515963 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.300143003 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.300164938 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.351809978 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.363745928 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.363771915 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.364162922 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.364176035 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.420974016 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.421986103 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.421998024 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.422461987 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.422466040 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.468692064 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.471395016 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.471407890 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.471826077 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.471831083 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547133923 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547199011 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547255993 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547339916 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547352076 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.547413111 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.549113035 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.549113989 CET50672443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.549155951 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.549181938 CET4435067213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.556858063 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.556896925 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.556967020 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.557106972 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.557120085 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.731998920 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.735258102 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.736084938 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.751646042 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.751646996 CET50674443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.751682997 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.751689911 CET4435067413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.765300035 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.765336990 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.765429020 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.766849995 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.766875982 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.795114994 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.795304060 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.795402050 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.801687956 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.801687956 CET50673443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.801708937 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.801718950 CET4435067313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.855993032 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.856025934 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.856110096 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.857762098 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.857774019 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.860008001 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.860038996 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.860290051 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.860439062 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.860454082 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.875447989 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878518105 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878565073 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878590107 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878626108 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878736973 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878736973 CET50675443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878746986 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.878752947 CET4435067513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.883785009 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.883831024 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.883928061 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.885180950 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.885184050 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.885207891 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.885236979 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.885426044 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.907097101 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.907141924 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.922343016 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925157070 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925288916 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925323009 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925323009 CET50677443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925338030 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.925348043 CET4435067713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.928481102 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.928503990 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.928596020 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.931725979 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:04.931752920 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.644855022 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.645589113 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.645598888 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.646068096 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.647327900 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.647432089 CET44350684142.250.181.68192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:05.689768076 CET50684443192.168.2.5142.250.181.68
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.105317116 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.105400085 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.110835075 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.110846996 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.111192942 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.112333059 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.112575054 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.112581968 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.316071987 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.316648006 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.316669941 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.317090988 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.317095041 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.516789913 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.517323017 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.517378092 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.517961979 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.517976046 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556574106 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556775093 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556828022 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556863070 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556880951 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556894064 CET50697443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.556900024 CET4435069734.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.612015009 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.612085104 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.614626884 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.614635944 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.614841938 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.614898920 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.615174055 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.655364037 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.713809967 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.714332104 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.714394093 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.715008020 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.715025902 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.741643906 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.746098042 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.746155977 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.746932983 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.746962070 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.749597073 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752564907 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752625942 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752916098 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752929926 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752940893 CET50692443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.752945900 CET4435069213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.904793024 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.904829025 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.904962063 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.906863928 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.906878948 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.949219942 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.952595949 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.952656031 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:06.952711105 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.064555883 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.064636946 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.064656019 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.064788103 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.064831018 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.157619953 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.160883904 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.160928965 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.161010027 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.161550999 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.172188997 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.184170008 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.187257051 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.189650059 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.220690966 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262463093 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262480974 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262492895 CET50693443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262496948 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262499094 CET4435069313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262510061 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262528896 CET50701443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.262536049 CET4435070113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.270138979 CET50698443192.168.2.534.117.223.223
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.270164967 CET4435069834.117.223.223192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.274483919 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.274530888 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.274560928 CET50699443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.274580956 CET4435069913.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.275424957 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.275430918 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.275861025 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.275863886 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.309591055 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.309638977 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.309864998 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.311501980 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.311537027 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.311594009 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.312570095 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.312589884 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.312686920 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.312700987 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.316174984 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.316190004 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.316251993 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.316474915 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.316488028 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.615336895 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.618832111 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.618971109 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.659326077 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.659326077 CET50696443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.659353971 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.659365892 CET4435069613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.791265011 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.791289091 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.791347980 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.792500973 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:07.792515993 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:08.688755035 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:08.721579075 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:08.721579075 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:08.721594095 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:08.721611023 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.037879944 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.038650036 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.038674116 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.041023970 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.041030884 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.108509064 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.110335112 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.110335112 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.110347033 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.110358000 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.113388062 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.114229918 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.114229918 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.114240885 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.114248991 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.132128000 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135546923 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135715008 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135737896 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135737896 CET50710443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135749102 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.135761023 CET4435071013.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.140196085 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.140229940 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.140394926 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.140804052 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.140814066 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.471909046 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475014925 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475050926 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475203991 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475352049 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475352049 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475656986 CET50713443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.475671053 CET4435071313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.477881908 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.477897882 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.478065014 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.478089094 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.478092909 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.551569939 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.554879904 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.554961920 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.554961920 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.554984093 CET50714443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.554990053 CET4435071413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.556405067 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.557028055 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.557054043 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.557440996 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.557440996 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.557472944 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.559469938 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.559557915 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.559557915 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.559637070 CET50712443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.559639931 CET4435071213.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.561747074 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.561769962 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.561887980 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.562063932 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.562077999 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.638094902 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.638616085 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.638633966 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.639121056 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:09.639126062 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.344973087 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.347706079 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.347752094 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.347770929 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.347784996 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.347824097 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.363174915 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.363197088 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.363219976 CET50717443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.363226891 CET4435071713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.422823906 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.422877073 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.423063993 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.491842031 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.491868973 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.922106028 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.970340967 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.985399008 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.985409021 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.987709999 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:10.987714052 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.273932934 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.331717968 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.344373941 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.344386101 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.345151901 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.345158100 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.366573095 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.378292084 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.378350019 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.426651955 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.426666021 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.426695108 CET50721443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.426702023 CET4435072113.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.603068113 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.629280090 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.629329920 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.629539013 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.657849073 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.662862062 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.704739094 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.718488932 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.721590042 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.721651077 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.721652985 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.721700907 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.777896881 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.777940989 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778330088 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778348923 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778531075 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778570890 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778588057 CET50723443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.778594971 CET4435072313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.788901091 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.788929939 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.842410088 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.842427015 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.842833996 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.842839003 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.960887909 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.960983992 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:11.961062908 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.095758915 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.101273060 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.101350069 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.102950096 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.102996111 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.168884039 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.174681902 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.174732924 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.206584930 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.217693090 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.217736959 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.217763901 CET50724443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.217799902 CET4435072413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.232255936 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.232278109 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.232294083 CET50725443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.232300043 CET4435072513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.302181005 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.302210093 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.302769899 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.302774906 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.350100994 CET50735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.350172997 CET4435073513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.350306034 CET50735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.364059925 CET50736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.364087105 CET4435073613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.364135981 CET50736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.491702080 CET50735443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.491750002 CET4435073513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.491903067 CET50736443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.491935968 CET4435073613.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.641551018 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.644670963 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.644891024 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.756787062 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.756787062 CET50728443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.756800890 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:12.756808996 CET4435072813.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.085628986 CET50737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.085649014 CET4435073713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.085737944 CET50737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.191665888 CET50737443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.191678047 CET4435073713.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.580888987 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.673460960 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.714637995 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.714659929 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.715099096 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.715111971 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.823235035 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.926486015 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.926565886 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.926917076 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:13.926933050 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.039870024 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.044253111 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.044303894 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.044306993 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.044359922 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.138134003 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.138134956 CET50733443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.138185024 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.138215065 CET4435073313.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.263183117 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.266223907 CET4435073413.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.266299963 CET50734443192.168.2.513.107.246.63
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.289467096 CET4435073513.107.246.63192.168.2.5
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.360961914 CET50735443192.168.2.513.107.246.63

                                                                                                                                                                                                                                                                                                                                                                                DNS Queries

                                                                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.045996904 CET192.168.2.51.1.1.10x78f5Standard query (0)analytics.avcdn.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.394699097 CET192.168.2.51.1.1.10xfab2Standard query (0)ipm-provider.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.665474892 CET192.168.2.51.1.1.10x837aStandard query (0)shepherd.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.293351889 CET192.168.2.51.1.1.10x9374Standard query (0)service.piriform.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:39.789155006 CET192.168.2.51.1.1.10xf963Standard query (0)license.piriform.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.102067947 CET192.168.2.51.1.1.10xc8feStandard query (0)ip-info.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.327827930 CET192.168.2.51.1.1.10xd526Standard query (0)ip-info.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.552613020 CET192.168.2.51.1.1.10x5034Standard query (0)ncc.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.408961058 CET192.168.2.51.1.1.10xffbbStandard query (0)emupdate.avcdn.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.553494930 CET192.168.2.51.1.1.10xe87Standard query (0)emupdate.avcdn.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.131162882 CET192.168.2.51.1.1.10xd04fStandard query (0)ccleaner.tools.avcdn.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.439070940 CET192.168.2.51.1.1.10x804Standard query (0)ccleaner.tools.avcdn.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.583208084 CET192.168.2.51.1.1.10x34dfStandard query (0)winqual.sb.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.190042019 CET192.168.2.51.1.1.10xea7fStandard query (0)ncc.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.283118963 CET192.168.2.51.1.1.10x77afStandard query (0)www.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.283998966 CET192.168.2.51.1.1.10x11daStandard query (0)www.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.329983950 CET192.168.2.51.1.1.10x6796Standard query (0)www.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.330255985 CET192.168.2.51.1.1.10x40f4Standard query (0)www.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.815427065 CET192.168.2.51.1.1.10x6c0Standard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.815560102 CET192.168.2.51.1.1.10x25baStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.164661884 CET192.168.2.51.1.1.10x8ad5Standard query (0)cdn-production.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.164891005 CET192.168.2.51.1.1.10x2407Standard query (0)cdn-production.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.165482998 CET192.168.2.51.1.1.10xdca9Standard query (0)cdn.cookielaw.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.165772915 CET192.168.2.51.1.1.10x1f8cStandard query (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.311458111 CET192.168.2.51.1.1.10x51d5Standard query (0)dev.visualwebsiteoptimizer.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.311598063 CET192.168.2.51.1.1.10xd994Standard query (0)dev.visualwebsiteoptimizer.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.249645948 CET192.168.2.51.1.1.10xa918Standard query (0)cdn.cookielaw.orgA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.249855995 CET192.168.2.51.1.1.10xf32bStandard query (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.095326900 CET192.168.2.51.1.1.10x4e28Standard query (0)cdn-production.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.095449924 CET192.168.2.51.1.1.10xb9f0Standard query (0)cdn-production.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.124862909 CET192.168.2.51.1.1.10xd5d3Standard query (0)www.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.125040054 CET192.168.2.51.1.1.10x12fbStandard query (0)www.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.979494095 CET192.168.2.51.1.1.10x398cStandard query (0)s.go-mpulse.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.979798079 CET192.168.2.51.1.1.10xdcedStandard query (0)s.go-mpulse.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.983189106 CET192.168.2.51.1.1.10xf623Standard query (0)assets.adobedtm.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.983341932 CET192.168.2.51.1.1.10x2288Standard query (0)assets.adobedtm.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.721350908 CET192.168.2.51.1.1.10xed28Standard query (0)geolocation.onetrust.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.721596956 CET192.168.2.51.1.1.10x485eStandard query (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.460875988 CET192.168.2.51.1.1.10xc1acStandard query (0)dpm.demdex.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.461169004 CET192.168.2.51.1.1.10xf7f5Standard query (0)dpm.demdex.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.222630024 CET192.168.2.51.1.1.10x4ef7Standard query (0)assets.adobedtm.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.222860098 CET192.168.2.51.1.1.10x1b3eStandard query (0)assets.adobedtm.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.223658085 CET192.168.2.51.1.1.10x109bStandard query (0)s.go-mpulse.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.223809958 CET192.168.2.51.1.1.10xe405Standard query (0)s.go-mpulse.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.240376949 CET192.168.2.51.1.1.10x1832Standard query (0)geolocation.onetrust.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.240629911 CET192.168.2.51.1.1.10x4dcaStandard query (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.458208084 CET192.168.2.51.1.1.10x652fStandard query (0)symantec.tt.omtrdc.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.458642960 CET192.168.2.51.1.1.10x69c7Standard query (0)symantec.tt.omtrdc.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.757500887 CET192.168.2.51.1.1.10x707Standard query (0)symantec.demdex.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.757705927 CET192.168.2.51.1.1.10xe343Standard query (0)symantec.demdex.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.765253067 CET192.168.2.51.1.1.10x67ceStandard query (0)dpm.demdex.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.765599012 CET192.168.2.51.1.1.10xc31aStandard query (0)dpm.demdex.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.166397095 CET192.168.2.51.1.1.10xa0f8Standard query (0)www.nortonlifelock.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.166524887 CET192.168.2.51.1.1.10x5df5Standard query (0)www.nortonlifelock.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.193214893 CET192.168.2.51.1.1.10x98e7Standard query (0)c.go-mpulse.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.193355083 CET192.168.2.51.1.1.10xaf4dStandard query (0)c.go-mpulse.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.265125990 CET192.168.2.51.1.1.10x444bStandard query (0)symantec.tt.omtrdc.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.265408993 CET192.168.2.51.1.1.10x95e1Standard query (0)symantec.tt.omtrdc.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.053400993 CET192.168.2.51.1.1.10x1630Standard query (0)cm.everesttech.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.053543091 CET192.168.2.51.1.1.10xf2c5Standard query (0)cm.everesttech.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.059848070 CET192.168.2.51.1.1.10x7b01Standard query (0)static.ads-twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.059988976 CET192.168.2.51.1.1.10x6483Standard query (0)static.ads-twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.060221910 CET192.168.2.51.1.1.10x8827Standard query (0)amplify.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.060338020 CET192.168.2.51.1.1.10x754cStandard query (0)amplify.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.062237978 CET192.168.2.51.1.1.10x1545Standard query (0)s.yimg.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.062386990 CET192.168.2.51.1.1.10x7a9cStandard query (0)s.yimg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.951904058 CET192.168.2.51.1.1.10x89b8Standard query (0)ncc.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.065310955 CET192.168.2.51.1.1.10x4096Standard query (0)mstatic.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.066495895 CET192.168.2.51.1.1.10xe417Standard query (0)mstatic.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.193428040 CET192.168.2.51.1.1.10x5acaStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.193634033 CET192.168.2.51.1.1.10x6ebcStandard query (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.216237068 CET192.168.2.51.1.1.10xcfe9Standard query (0)www.mczbf.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.216691971 CET192.168.2.51.1.1.10xae7aStandard query (0)www.mczbf.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.217169046 CET192.168.2.51.1.1.10xca3fStandard query (0)oms.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.217664003 CET192.168.2.51.1.1.10x3d76Standard query (0)oms.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.838747025 CET192.168.2.51.1.1.10xbf5aStandard query (0)tr.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.838948965 CET192.168.2.51.1.1.10x4cb1Standard query (0)tr.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.410742998 CET192.168.2.51.1.1.10x5dd3Standard query (0)cdn-uat.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.410897970 CET192.168.2.51.1.1.10x8c83Standard query (0)cdn-uat.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.820687056 CET192.168.2.51.1.1.10x7f95Standard query (0)download.avira.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.047574043 CET192.168.2.51.1.1.10x56eaStandard query (0)c.go-mpulse.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.047842026 CET192.168.2.51.1.1.10x19c0Standard query (0)c.go-mpulse.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.053868055 CET192.168.2.51.1.1.10xf184Standard query (0)www.nortonlifelock.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054030895 CET192.168.2.51.1.1.10xd95aStandard query (0)www.nortonlifelock.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054802895 CET192.168.2.51.1.1.10xafc3Standard query (0)s.yimg.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.054959059 CET192.168.2.51.1.1.10xbd50Standard query (0)s.yimg.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.055813074 CET192.168.2.51.1.1.10xd8f9Standard query (0)static.ads-twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.056072950 CET192.168.2.51.1.1.10xec82Standard query (0)static.ads-twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.056588888 CET192.168.2.51.1.1.10x6915Standard query (0)amplify.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.056770086 CET192.168.2.51.1.1.10x3899Standard query (0)amplify.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.125765085 CET192.168.2.51.1.1.10xcaa6Standard query (0)oms.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.125911951 CET192.168.2.51.1.1.10x1851Standard query (0)oms.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.957309008 CET192.168.2.51.1.1.10xb47eStandard query (0)t.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.958256006 CET192.168.2.51.1.1.10x83e2Standard query (0)t.co65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.958698034 CET192.168.2.51.1.1.10xb58eStandard query (0)analytics.twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.959003925 CET192.168.2.51.1.1.10xb187Standard query (0)analytics.twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:29.959647894 CET192.168.2.51.1.1.10x4790Standard query (0)wave.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.081475019 CET192.168.2.51.1.1.10x978Standard query (0)wave.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.282867908 CET192.168.2.51.1.1.10x56c7Standard query (0)c5.adalyser.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.283217907 CET192.168.2.51.1.1.10x836fStandard query (0)c5.adalyser.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.309681892 CET192.168.2.51.1.1.10xaa28Standard query (0)snap.licdn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.309866905 CET192.168.2.51.1.1.10x8135Standard query (0)snap.licdn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.599071026 CET192.168.2.51.1.1.10x8a7cStandard query (0)driver-updater.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.075220108 CET192.168.2.51.1.1.10x376dStandard query (0)connect.facebook.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.075500011 CET192.168.2.51.1.1.10x5932Standard query (0)connect.facebook.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.628151894 CET192.168.2.51.1.1.10x6ab8Standard query (0)static.hotjar.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.628571987 CET192.168.2.51.1.1.10x9e91Standard query (0)static.hotjar.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.790941954 CET192.168.2.51.1.1.10x733aStandard query (0)analytics.google.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.791151047 CET192.168.2.51.1.1.10x4773Standard query (0)analytics.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.813930988 CET192.168.2.51.1.1.10x9284Standard query (0)idsync.rlcdn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.814142942 CET192.168.2.51.1.1.10x238bStandard query (0)idsync.rlcdn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.815164089 CET192.168.2.51.1.1.10x7dceStandard query (0)td.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.815308094 CET192.168.2.51.1.1.10x1ba2Standard query (0)td.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.824337006 CET192.168.2.51.1.1.10x2250Standard query (0)px.ads.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.824578047 CET192.168.2.51.1.1.10x1f0bStandard query (0)px.ads.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.269540071 CET192.168.2.51.1.1.10x78ecStandard query (0)sp.analytics.yahoo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.270412922 CET192.168.2.51.1.1.10x4709Standard query (0)sp.analytics.yahoo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.493762970 CET192.168.2.51.1.1.10x66e2Standard query (0)stats.g.doubleclick.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.493931055 CET192.168.2.51.1.1.10x7293Standard query (0)stats.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.501120090 CET192.168.2.51.1.1.10x5760Standard query (0)script.hotjar.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.501359940 CET192.168.2.51.1.1.10x2aeaStandard query (0)script.hotjar.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.865025997 CET192.168.2.51.1.1.10x5961Standard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:37.865277052 CET192.168.2.51.1.1.10xac82Standard query (0)www.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.603826046 CET192.168.2.51.1.1.10x3220Standard query (0)www.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.604094028 CET192.168.2.51.1.1.10xdfcbStandard query (0)www.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.680180073 CET192.168.2.51.1.1.10xefd3Standard query (0)www.mczbf.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.680474043 CET192.168.2.51.1.1.10xaab5Standard query (0)www.mczbf.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.681189060 CET192.168.2.51.1.1.10x9457Standard query (0)mstatic.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.681334019 CET192.168.2.51.1.1.10x70a2Standard query (0)mstatic.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.683176041 CET192.168.2.51.1.1.10xb417Standard query (0)tr.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.683310032 CET192.168.2.51.1.1.10xf617Standard query (0)tr.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.683904886 CET192.168.2.51.1.1.10x2e7bStandard query (0)cdn-uat.ccleaner.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.684050083 CET192.168.2.51.1.1.10x1407Standard query (0)cdn-uat.ccleaner.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.684736013 CET192.168.2.51.1.1.10x30b7Standard query (0)analytics.twitter.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.684891939 CET192.168.2.51.1.1.10xee53Standard query (0)analytics.twitter.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.685461044 CET192.168.2.51.1.1.10x509Standard query (0)t.coA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.685646057 CET192.168.2.51.1.1.10x7ab0Standard query (0)t.co65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.606043100 CET192.168.2.51.1.1.10xa256Standard query (0)ncc.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.212431908 CET192.168.2.51.1.1.10x5fa3Standard query (0)684d0d45.akstat.ioA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.214112043 CET192.168.2.51.1.1.10x42daStandard query (0)684d0d45.akstat.io65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.218456984 CET192.168.2.51.1.1.10x9944Standard query (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.218585968 CET192.168.2.51.1.1.10xb2c9Standard query (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.219024897 CET192.168.2.51.1.1.10x3f5Standard query (0)s1.pir.fmA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.219132900 CET192.168.2.51.1.1.10x5142Standard query (0)s1.pir.fm65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.360999107 CET192.168.2.51.1.1.10x2c7dStandard query (0)trial-eum-clientnsv4-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.361251116 CET192.168.2.51.1.1.10xd487Standard query (0)trial-eum-clientnsv4-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.361644983 CET192.168.2.51.1.1.10xf79aStandard query (0)trial-eum-clienttons-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.362225056 CET192.168.2.51.1.1.10x43f0Standard query (0)trial-eum-clienttons-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.323585033 CET192.168.2.51.1.1.10xf3d0Standard query (0)snap.licdn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.323795080 CET192.168.2.51.1.1.10xd2f2Standard query (0)snap.licdn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.324372053 CET192.168.2.51.1.1.10xfa56Standard query (0)wave.outbrain.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.324372053 CET192.168.2.51.1.1.10xca0fStandard query (0)wave.outbrain.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.324898005 CET192.168.2.51.1.1.10x9853Standard query (0)c5.adalyser.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.325256109 CET192.168.2.51.1.1.10xf6e9Standard query (0)c5.adalyser.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.326802969 CET192.168.2.51.1.1.10x476eStandard query (0)connect.facebook.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.327326059 CET192.168.2.51.1.1.10xf62bStandard query (0)connect.facebook.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.335160971 CET192.168.2.51.1.1.10xda01Standard query (0)px.ads.linkedin.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.335160971 CET192.168.2.51.1.1.10x93eaStandard query (0)px.ads.linkedin.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.335603952 CET192.168.2.51.1.1.10xbaecStandard query (0)static.hotjar.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.335840940 CET192.168.2.51.1.1.10x4311Standard query (0)static.hotjar.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.336519957 CET192.168.2.51.1.1.10xc36bStandard query (0)idsync.rlcdn.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.336720943 CET192.168.2.51.1.1.10xe27Standard query (0)idsync.rlcdn.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.418006897 CET192.168.2.51.1.1.10x8fe0Standard query (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.418749094 CET192.168.2.51.1.1.10xd57aStandard query (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.422336102 CET192.168.2.51.1.1.10xe456Standard query (0)siteintercept.qualtrics.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.422889948 CET192.168.2.51.1.1.10x75c9Standard query (0)siteintercept.qualtrics.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.424590111 CET192.168.2.51.1.1.10x1b76Standard query (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.424957037 CET192.168.2.51.1.1.10x16e2Standard query (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.279011965 CET192.168.2.51.1.1.10x869eStandard query (0)ipmcdn.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.592363119 CET192.168.2.51.1.1.10x28bbStandard query (0)analytics.ff.avast.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.319271088 CET192.168.2.51.1.1.10xde1eStandard query (0)sp.analytics.yahoo.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.319629908 CET192.168.2.51.1.1.10xf3f3Standard query (0)sp.analytics.yahoo.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.320486069 CET192.168.2.51.1.1.10xdbcStandard query (0)www.facebook.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.320988894 CET192.168.2.51.1.1.10xc8ceStandard query (0)www.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.404176950 CET192.168.2.51.1.1.10xd7fbStandard query (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.404303074 CET192.168.2.51.1.1.10xa952Standard query (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.406836033 CET192.168.2.51.1.1.10x6999Standard query (0)s1.pir.fmA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.406971931 CET192.168.2.51.1.1.10x1b39Standard query (0)s1.pir.fm65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.410295963 CET192.168.2.51.1.1.10xd98eStandard query (0)siteintercept.qualtrics.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.410607100 CET192.168.2.51.1.1.10xa7d2Standard query (0)siteintercept.qualtrics.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.412220001 CET192.168.2.51.1.1.10x988bStandard query (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.412384033 CET192.168.2.51.1.1.10xe403Standard query (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.412883997 CET192.168.2.51.1.1.10xb287Standard query (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.413173914 CET192.168.2.51.1.1.10xfd13Standard query (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:14.972928047 CET192.168.2.51.1.1.10x38d7Standard query (0)analytics.ff.avast.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                                DNS Answers

                                                                                                                                                                                                                                                                                                                                                                                TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.185264111 CET1.1.1.1192.168.2.50x78f5No error (0)analytics.avcdn.netanalytics.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.185264111 CET1.1.1.1192.168.2.50x78f5No error (0)analytics.ff.avast.comanalytics-prod-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:19.185264111 CET1.1.1.1192.168.2.50x78f5No error (0)analytics-prod-gcp.ff.avast.com34.117.223.223A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.531809092 CET1.1.1.1192.168.2.50xfab2No error (0)ipm-provider.ff.avast.comipm-gcp-prod.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:22.531809092 CET1.1.1.1192.168.2.50xfab2No error (0)ipm-gcp-prod.ff.avast.com34.111.24.1A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.810024977 CET1.1.1.1192.168.2.50x837aNo error (0)shepherd.ff.avast.comshepherd-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:31.810024977 CET1.1.1.1192.168.2.50x837aNo error (0)shepherd-gcp.ff.avast.com34.160.176.28A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:37.761527061 CET1.1.1.1192.168.2.50x9374No error (0)service.piriform.comservice.piriform.com-v1.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:40.263822079 CET1.1.1.1192.168.2.50xf963No error (0)license.piriform.comlicense.piriform.com-v2.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.239018917 CET1.1.1.1192.168.2.50xc8feNo error (0)ip-info.ff.avast.comip-info-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.239018917 CET1.1.1.1192.168.2.50xc8feNo error (0)ip-info-gcp.ff.avast.com34.111.175.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.464665890 CET1.1.1.1192.168.2.50xd526No error (0)ip-info.ff.avast.comip-info-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:51.464665890 CET1.1.1.1192.168.2.50xd526No error (0)ip-info-gcp.ff.avast.com34.111.175.102A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:52.695424080 CET1.1.1.1192.168.2.50x5034No error (0)ncc.avast.comncc.avast.com.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.548207045 CET1.1.1.1192.168.2.50xffbbNo error (0)emupdate.avcdn.netemupdate.avcdn.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:53.691049099 CET1.1.1.1192.168.2.50xe87No error (0)emupdate.avcdn.netemupdate.avcdn.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.377288103 CET1.1.1.1192.168.2.50xd04fNo error (0)ccleaner.tools.avcdn.nettools.avcdn.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.576126099 CET1.1.1.1192.168.2.50x804No error (0)ccleaner.tools.avcdn.nettools.avcdn.net.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.894505978 CET1.1.1.1192.168.2.50x34dfNo error (0)winqual.sb.avast.comstreamback-cl1.ns1.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.894505978 CET1.1.1.1192.168.2.50x34dfNo error (0)streamback-cl1.ns1.ff.avast.com35.190.209.22A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:55.894505978 CET1.1.1.1192.168.2.50x34dfNo error (0)streamback-cl1.ns1.ff.avast.com35.246.192.59A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:14:58.329027891 CET1.1.1.1192.168.2.50xea7fNo error (0)ncc.avast.comncc.avast.com.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.768285990 CET1.1.1.1192.168.2.50x11daNo error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:00.768464088 CET1.1.1.1192.168.2.50x77afNo error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.468892097 CET1.1.1.1192.168.2.50x6796No error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:02.472069979 CET1.1.1.1192.168.2.50x40f4No error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.952904940 CET1.1.1.1192.168.2.50x25baNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:03.953994989 CET1.1.1.1192.168.2.50x6c0No error (0)www.google.com142.250.181.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.302140951 CET1.1.1.1192.168.2.50xdca9No error (0)cdn.cookielaw.org104.18.87.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.302140951 CET1.1.1.1192.168.2.50xdca9No error (0)cdn.cookielaw.org104.18.86.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.302941084 CET1.1.1.1192.168.2.50x1f8cNo error (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.449098110 CET1.1.1.1192.168.2.50x51d5No error (0)dev.visualwebsiteoptimizer.com34.96.102.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.647536039 CET1.1.1.1192.168.2.50x8ad5No error (0)cdn-production.ccleaner.comcdn-production.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:07.657752037 CET1.1.1.1192.168.2.50x2407No error (0)cdn-production.ccleaner.comcdn-production.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.387505054 CET1.1.1.1192.168.2.50xa918No error (0)cdn.cookielaw.org104.18.87.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.387505054 CET1.1.1.1192.168.2.50xa918No error (0)cdn.cookielaw.org104.18.86.42A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:09.388817072 CET1.1.1.1192.168.2.50xf32bNo error (0)cdn.cookielaw.org65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.232697964 CET1.1.1.1192.168.2.50x4e28No error (0)cdn-production.ccleaner.comcdn-production.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.233334064 CET1.1.1.1192.168.2.50xb9f0No error (0)cdn-production.ccleaner.comcdn-production.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.261544943 CET1.1.1.1192.168.2.50x12fbNo error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:10.263307095 CET1.1.1.1192.168.2.50xd5d3No error (0)www.ccleaner.comwww.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.117738008 CET1.1.1.1192.168.2.50x398cNo error (0)s.go-mpulse.netip46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.120347023 CET1.1.1.1192.168.2.50xdcedNo error (0)s.go-mpulse.netip46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.121378899 CET1.1.1.1192.168.2.50xf623No error (0)assets.adobedtm.comcn-assets.adobedtm.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:11.122585058 CET1.1.1.1192.168.2.50x2288No error (0)assets.adobedtm.comcn-assets.adobedtm.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.857820988 CET1.1.1.1192.168.2.50xed28No error (0)geolocation.onetrust.com172.64.155.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.857820988 CET1.1.1.1192.168.2.50xed28No error (0)geolocation.onetrust.com104.18.32.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:12.859111071 CET1.1.1.1192.168.2.50x485eNo error (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.598157883 CET1.1.1.1192.168.2.50xf7f5No error (0)dpm.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.598157883 CET1.1.1.1192.168.2.50xf7f5No error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.598157883 CET1.1.1.1192.168.2.50xf7f5No error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dpm.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.229.91.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.249.232.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.243.219.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.234.207A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.253.40.242A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.212.37A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com99.80.224.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:14.605209112 CET1.1.1.1192.168.2.50xc1acNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com63.34.142.90A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.359860897 CET1.1.1.1192.168.2.50x4ef7No error (0)assets.adobedtm.comcn-assets.adobedtm.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.360305071 CET1.1.1.1192.168.2.50x1b3eNo error (0)assets.adobedtm.comcn-assets.adobedtm.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.362787962 CET1.1.1.1192.168.2.50x109bNo error (0)s.go-mpulse.netip46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.364942074 CET1.1.1.1192.168.2.50xe405No error (0)s.go-mpulse.netip46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.377433062 CET1.1.1.1192.168.2.50x1832No error (0)geolocation.onetrust.com104.18.32.137A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.377433062 CET1.1.1.1192.168.2.50x1832No error (0)geolocation.onetrust.com172.64.155.119A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:15.377578974 CET1.1.1.1192.168.2.50x4dcaNo error (0)geolocation.onetrust.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.834059000 CET1.1.1.1192.168.2.50x652fNo error (0)symantec.tt.omtrdc.netadobetarget.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.834059000 CET1.1.1.1192.168.2.50x652fNo error (0)adobetarget.data.adobedc.net66.235.152.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.834059000 CET1.1.1.1192.168.2.50x652fNo error (0)adobetarget.data.adobedc.net66.235.152.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.834059000 CET1.1.1.1192.168.2.50x652fNo error (0)adobetarget.data.adobedc.net66.235.152.225A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.836541891 CET1.1.1.1192.168.2.50x69c7No error (0)symantec.tt.omtrdc.netadobetarget.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905222893 CET1.1.1.1192.168.2.50xc31aNo error (0)dpm.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905222893 CET1.1.1.1192.168.2.50xc31aNo error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905222893 CET1.1.1.1192.168.2.50xc31aNo error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dpm.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com63.34.142.90A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.253.40.242A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.243.219.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.234.207A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.229.91.192A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.212.37A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.249.232.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:16.905365944 CET1.1.1.1192.168.2.50x67ceNo error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com99.80.224.190A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589858055 CET1.1.1.1192.168.2.50xe343No error (0)symantec.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589858055 CET1.1.1.1192.168.2.50xe343No error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589858055 CET1.1.1.1192.168.2.50xe343No error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)symantec.demdex.netgslb-2.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)gslb-2.demdex.netedge-irl1.demdex.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)edge-irl1.demdex.netdcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com34.253.40.242A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com52.210.55.235A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com52.212.146.29A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com52.212.192.25A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com63.35.35.114A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com63.34.142.90A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.234.207A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:17.589968920 CET1.1.1.1192.168.2.50x707No error (0)dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com54.154.212.37A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.332730055 CET1.1.1.1192.168.2.50xaf4dNo error (0)c.go-mpulse.netwildcard46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.335683107 CET1.1.1.1192.168.2.50x98e7No error (0)c.go-mpulse.netwildcard46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.404457092 CET1.1.1.1192.168.2.50x95e1No error (0)symantec.tt.omtrdc.netadobetarget.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.407522917 CET1.1.1.1192.168.2.50x444bNo error (0)symantec.tt.omtrdc.netadobetarget.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.407522917 CET1.1.1.1192.168.2.50x444bNo error (0)adobetarget.data.adobedc.net66.235.152.221A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.407522917 CET1.1.1.1192.168.2.50x444bNo error (0)adobetarget.data.adobedc.net66.235.152.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.407522917 CET1.1.1.1192.168.2.50x444bNo error (0)adobetarget.data.adobedc.net66.235.152.225A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.483736992 CET1.1.1.1192.168.2.50xa0f8No error (0)www.nortonlifelock.comwww.nortonlifelock.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:19.574268103 CET1.1.1.1192.168.2.50x5df5No error (0)www.nortonlifelock.comwww.nortonlifelock.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.190675974 CET1.1.1.1192.168.2.50x1630No error (0)cm.everesttech.netcm.everesttech.net.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.190956116 CET1.1.1.1192.168.2.50xf2c5No error (0)cm.everesttech.netcm.everesttech.net.akadns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.197015047 CET1.1.1.1192.168.2.50x7b01No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.197015047 CET1.1.1.1192.168.2.50x7b01No error (0)platform.twitter.map.fastly.net146.75.120.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.197127104 CET1.1.1.1192.168.2.50x6483No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.199301004 CET1.1.1.1192.168.2.50x7a9cNo error (0)s.yimg.comedge.gycpi.b.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.200565100 CET1.1.1.1192.168.2.50x1545No error (0)s.yimg.comedge.gycpi.b.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.200565100 CET1.1.1.1192.168.2.50x1545No error (0)edge.gycpi.b.yahoodns.net87.248.114.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.200565100 CET1.1.1.1192.168.2.50x1545No error (0)edge.gycpi.b.yahoodns.net87.248.114.11A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.286429882 CET1.1.1.1192.168.2.50x8827No error (0)amplify.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:22.306893110 CET1.1.1.1192.168.2.50x754cNo error (0)amplify.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.089692116 CET1.1.1.1192.168.2.50x89b8No error (0)ncc.avast.comncc.avast.com.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.330466032 CET1.1.1.1192.168.2.50x6ebcNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.330482960 CET1.1.1.1192.168.2.50x5acaNo error (0)www.google.com142.250.181.68A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.353729963 CET1.1.1.1192.168.2.50xcfe9No error (0)www.mczbf.comdcjdc5qmbbux7.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.353729963 CET1.1.1.1192.168.2.50xcfe9No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.353729963 CET1.1.1.1192.168.2.50xcfe9No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.353729963 CET1.1.1.1192.168.2.50xcfe9No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.54A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.353729963 CET1.1.1.1192.168.2.50xcfe9No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.355568886 CET1.1.1.1192.168.2.50xae7aNo error (0)www.mczbf.comdcjdc5qmbbux7.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:23.359100103 CET1.1.1.1192.168.2.50x4096No error (0)mstatic.ccleaner.com20.50.2.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027456045 CET1.1.1.1192.168.2.50x3d76No error (0)oms.ccleaner.com2w99epxhne.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027468920 CET1.1.1.1192.168.2.50xca3fNo error (0)oms.ccleaner.com2w99epxhne.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027468920 CET1.1.1.1192.168.2.50xca3fNo error (0)2w99epxhne.data.adobedc.net63.140.62.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027468920 CET1.1.1.1192.168.2.50xca3fNo error (0)2w99epxhne.data.adobedc.net63.140.62.222A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.027468920 CET1.1.1.1192.168.2.50xca3fNo error (0)2w99epxhne.data.adobedc.net63.140.62.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.976855993 CET1.1.1.1192.168.2.50xbf5aNo error (0)tr.outbrain.comalldcs.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.976855993 CET1.1.1.1192.168.2.50xbf5aNo error (0)alldcs.outbrain.orgwndc1.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:24.976855993 CET1.1.1.1192.168.2.50xbf5aNo error (0)wndc1.outbrain.org172.179.182.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.156513929 CET1.1.1.1192.168.2.50x4cb1No error (0)tr.outbrain.comalldcs.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.156513929 CET1.1.1.1192.168.2.50x4cb1No error (0)alldcs.outbrain.orgwndc1.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.900348902 CET1.1.1.1192.168.2.50x8c83No error (0)cdn-uat.ccleaner.comcdn-uat.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:25.908309937 CET1.1.1.1192.168.2.50x5dd3No error (0)cdn-uat.ccleaner.comcdn-uat.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.045502901 CET1.1.1.1192.168.2.50x7f95No error (0)download.avira.comcdn.avira.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.185066938 CET1.1.1.1192.168.2.50x19c0No error (0)c.go-mpulse.netwildcard46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.191584110 CET1.1.1.1192.168.2.50xbd50No error (0)s.yimg.comedge.gycpi.b.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.193646908 CET1.1.1.1192.168.2.50xafc3No error (0)s.yimg.comedge.gycpi.b.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.193646908 CET1.1.1.1192.168.2.50xafc3No error (0)edge.gycpi.b.yahoodns.net87.248.114.12A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.193646908 CET1.1.1.1192.168.2.50xafc3No error (0)edge.gycpi.b.yahoodns.net87.248.114.11A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194439888 CET1.1.1.1192.168.2.50xf184No error (0)www.nortonlifelock.comwww.nortonlifelock.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.194452047 CET1.1.1.1192.168.2.50xec82No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.195205927 CET1.1.1.1192.168.2.50xd95aNo error (0)www.nortonlifelock.comwww.nortonlifelock.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.195296049 CET1.1.1.1192.168.2.50x3899No error (0)amplify.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.195306063 CET1.1.1.1192.168.2.50x6915No error (0)amplify.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.197392941 CET1.1.1.1192.168.2.50xd8f9No error (0)static.ads-twitter.complatform.twitter.map.fastly.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.197392941 CET1.1.1.1192.168.2.50xd8f9No error (0)platform.twitter.map.fastly.net146.75.120.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.263830900 CET1.1.1.1192.168.2.50x1851No error (0)oms.ccleaner.com2w99epxhne.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.263845921 CET1.1.1.1192.168.2.50xcaa6No error (0)oms.ccleaner.com2w99epxhne.data.adobedc.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.263845921 CET1.1.1.1192.168.2.50xcaa6No error (0)2w99epxhne.data.adobedc.net63.140.62.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.263845921 CET1.1.1.1192.168.2.50xcaa6No error (0)2w99epxhne.data.adobedc.net63.140.62.222A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.263845921 CET1.1.1.1192.168.2.50xcaa6No error (0)2w99epxhne.data.adobedc.net63.140.62.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:26.293710947 CET1.1.1.1192.168.2.50x56eaNo error (0)c.go-mpulse.netwildcard46.go-mpulse.net.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.094350100 CET1.1.1.1192.168.2.50xb47eNo error (0)t.co172.66.0.227A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.095405102 CET1.1.1.1192.168.2.50xb58eNo error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.095405102 CET1.1.1.1192.168.2.50xb58eNo error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.095405102 CET1.1.1.1192.168.2.50xb58eNo error (0)s.twitter.com104.244.42.195A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.097929955 CET1.1.1.1192.168.2.50xb187No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.097929955 CET1.1.1.1192.168.2.50xb187No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.190548897 CET1.1.1.1192.168.2.50x4790No error (0)wave.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.446716070 CET1.1.1.1192.168.2.50xaa28No error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.447567940 CET1.1.1.1192.168.2.50x8135No error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.487843990 CET1.1.1.1192.168.2.50x978No error (0)wave.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.650331020 CET1.1.1.1192.168.2.50x836fNo error (0)c5.adalyser.compeso-1422535133.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.650751114 CET1.1.1.1192.168.2.50x56c7No error (0)c5.adalyser.compeso-1422535133.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.650751114 CET1.1.1.1192.168.2.50x56c7No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com52.209.8.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.650751114 CET1.1.1.1192.168.2.50x56c7No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com52.50.80.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:30.650751114 CET1.1.1.1192.168.2.50x56c7No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com54.246.176.126A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.737991095 CET1.1.1.1192.168.2.50x8a7cNo error (0)driver-updater.ff.avast.comdriver-updater-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:31.737991095 CET1.1.1.1192.168.2.50x8a7cNo error (0)driver-updater-gcp.ff.avast.com34.149.202.126A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212728977 CET1.1.1.1192.168.2.50x376dNo error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212728977 CET1.1.1.1192.168.2.50x376dNo error (0)scontent.xx.fbcdn.net157.240.196.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212812901 CET1.1.1.1192.168.2.50x5932No error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212812901 CET1.1.1.1192.168.2.50x5932No error (0)scontent.xx.fbcdn.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.212812901 CET1.1.1.1192.168.2.50x5932No error (0)scontent.xx.fbcdn.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214015961 CET1.1.1.1192.168.2.50x31abNo error (0)bat-bing-com.ax-0001.ax-msedge.netax-0001.ax-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214015961 CET1.1.1.1192.168.2.50x31abNo error (0)ax-0001.ax-msedge.net150.171.27.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.214015961 CET1.1.1.1192.168.2.50x31abNo error (0)ax-0001.ax-msedge.net150.171.28.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767286062 CET1.1.1.1192.168.2.50x6ab8No error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767286062 CET1.1.1.1192.168.2.50x6ab8No error (0)static-cdn.hotjar.com18.66.102.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767286062 CET1.1.1.1192.168.2.50x6ab8No error (0)static-cdn.hotjar.com18.66.102.51A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767286062 CET1.1.1.1192.168.2.50x6ab8No error (0)static-cdn.hotjar.com18.66.102.11A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767286062 CET1.1.1.1192.168.2.50x6ab8No error (0)static-cdn.hotjar.com18.66.102.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.767617941 CET1.1.1.1192.168.2.50x9e91No error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.928423882 CET1.1.1.1192.168.2.50x733aNo error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.928423882 CET1.1.1.1192.168.2.50x733aNo error (0)analytics-alv.google.com216.239.36.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.928423882 CET1.1.1.1192.168.2.50x733aNo error (0)analytics-alv.google.com216.239.32.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.928423882 CET1.1.1.1192.168.2.50x733aNo error (0)analytics-alv.google.com216.239.34.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.928423882 CET1.1.1.1192.168.2.50x733aNo error (0)analytics-alv.google.com216.239.38.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.951136112 CET1.1.1.1192.168.2.50x9284No error (0)idsync.rlcdn.com35.244.154.8A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.952073097 CET1.1.1.1192.168.2.50x7dceNo error (0)td.doubleclick.net172.217.19.2A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.962641001 CET1.1.1.1192.168.2.50x1f0bNo error (0)px.ads.linkedin.comafd-lnkd.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.962641001 CET1.1.1.1192.168.2.50x1f0bNo error (0)afd-lnkd.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.965723991 CET1.1.1.1192.168.2.50x2250No error (0)px.ads.linkedin.comafd-lnkd.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:33.965723991 CET1.1.1.1192.168.2.50x2250No error (0)afd-lnkd.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.407027960 CET1.1.1.1192.168.2.50x78ecNo error (0)sp.analytics.yahoo.comspdc-global.pbp.gysm.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.407027960 CET1.1.1.1192.168.2.50x78ecNo error (0)spdc-global.pbp.gysm.yahoodns.net54.246.144.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.407027960 CET1.1.1.1192.168.2.50x78ecNo error (0)spdc-global.pbp.gysm.yahoodns.net54.171.122.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.407784939 CET1.1.1.1192.168.2.50x4709No error (0)sp.analytics.yahoo.comspdc-global.pbp.gysm.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.637566090 CET1.1.1.1192.168.2.50x66e2No error (0)stats.g.doubleclick.net66.102.1.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.637566090 CET1.1.1.1192.168.2.50x66e2No error (0)stats.g.doubleclick.net66.102.1.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.637566090 CET1.1.1.1192.168.2.50x66e2No error (0)stats.g.doubleclick.net66.102.1.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.637566090 CET1.1.1.1192.168.2.50x66e2No error (0)stats.g.doubleclick.net66.102.1.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.644781113 CET1.1.1.1192.168.2.50x5760No error (0)script.hotjar.com13.33.187.74A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.644781113 CET1.1.1.1192.168.2.50x5760No error (0)script.hotjar.com13.33.187.109A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.644781113 CET1.1.1.1192.168.2.50x5760No error (0)script.hotjar.com13.33.187.92A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:36.644781113 CET1.1.1.1192.168.2.50x5760No error (0)script.hotjar.com13.33.187.19A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.003292084 CET1.1.1.1192.168.2.50x5961No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.003292084 CET1.1.1.1192.168.2.50x5961No error (0)star-mini.c10r.facebook.com157.240.196.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.004400969 CET1.1.1.1192.168.2.50xac82No error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.004400969 CET1.1.1.1192.168.2.50xac82No error (0)star-mini.c10r.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:38.004400969 CET1.1.1.1192.168.2.50xac82No error (0)star-mini.c10r.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.740865946 CET1.1.1.1192.168.2.50x3220No error (0)www.linkedin.comafd-cf.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.740865946 CET1.1.1.1192.168.2.50x3220No error (0)afd-cf.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.742310047 CET1.1.1.1192.168.2.50xdfcbNo error (0)www.linkedin.comafd-cf.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:41.742310047 CET1.1.1.1192.168.2.50xdfcbNo error (0)afd-cf.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.817357063 CET1.1.1.1192.168.2.50xaab5No error (0)www.mczbf.comdcjdc5qmbbux7.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819350004 CET1.1.1.1192.168.2.50xefd3No error (0)www.mczbf.comdcjdc5qmbbux7.cloudfront.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819350004 CET1.1.1.1192.168.2.50xefd3No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.13A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819350004 CET1.1.1.1192.168.2.50xefd3No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819350004 CET1.1.1.1192.168.2.50xefd3No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.54A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819350004 CET1.1.1.1192.168.2.50xefd3No error (0)dcjdc5qmbbux7.cloudfront.net108.158.75.79A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819936037 CET1.1.1.1192.168.2.50xb417No error (0)tr.outbrain.comalldcs.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819936037 CET1.1.1.1192.168.2.50xb417No error (0)alldcs.outbrain.orgwndc1.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.819936037 CET1.1.1.1192.168.2.50xb417No error (0)wndc1.outbrain.org172.179.182.7A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.820377111 CET1.1.1.1192.168.2.50x9457No error (0)mstatic.ccleaner.com20.50.2.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.820841074 CET1.1.1.1192.168.2.50xf617No error (0)tr.outbrain.comalldcs.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.820841074 CET1.1.1.1192.168.2.50xf617No error (0)alldcs.outbrain.orgwndc1.outbrain.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.821856022 CET1.1.1.1192.168.2.50xee53No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.821856022 CET1.1.1.1192.168.2.50xee53No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.821983099 CET1.1.1.1192.168.2.50x1407No error (0)cdn-uat.ccleaner.comcdn-uat.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.822105885 CET1.1.1.1192.168.2.50x30b7No error (0)analytics.twitter.comads.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.822105885 CET1.1.1.1192.168.2.50x30b7No error (0)ads.twitter.coms.twitter.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.822105885 CET1.1.1.1192.168.2.50x30b7No error (0)s.twitter.com104.244.42.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.822597027 CET1.1.1.1192.168.2.50x2e7bNo error (0)cdn-uat.ccleaner.comcdn-uat.ccleaner.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:44.822846889 CET1.1.1.1192.168.2.50x509No error (0)t.co162.159.140.229A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:46.743390083 CET1.1.1.1192.168.2.50xa256No error (0)ncc.avast.comncc.avast.com.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.453140020 CET1.1.1.1192.168.2.50x42daNo error (0)684d0d45.akstat.iowildcard46.akstat.io.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.465141058 CET1.1.1.1192.168.2.50x5fa3No error (0)684d0d45.akstat.iowildcard46.akstat.io.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.500880957 CET1.1.1.1192.168.2.50x43f0No error (0)trial-eum-clienttons-s.akamaihd.nettrial-eum.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.500880957 CET1.1.1.1192.168.2.50x43f0No error (0)trial-eum.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.501296043 CET1.1.1.1192.168.2.50xd487No error (0)trial-eum-clientnsv4-s.akamaihd.neta248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.520488024 CET1.1.1.1192.168.2.50xb2c9No error (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.520488024 CET1.1.1.1192.168.2.50xb2c9No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.532557964 CET1.1.1.1192.168.2.50x9944No error (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.532557964 CET1.1.1.1192.168.2.50x9944No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.595267057 CET1.1.1.1192.168.2.50x2c7dNo error (0)trial-eum-clientnsv4-s.akamaihd.neta248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.607477903 CET1.1.1.1192.168.2.50xf79aNo error (0)trial-eum-clienttons-s.akamaihd.nettrial-eum.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.607477903 CET1.1.1.1192.168.2.50xf79aNo error (0)trial-eum.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.828433990 CET1.1.1.1192.168.2.50x3f5No error (0)s1.pir.fms1.pir.fm.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:47.828660965 CET1.1.1.1192.168.2.50x5142No error (0)s1.pir.fms1.pir.fm.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.460918903 CET1.1.1.1192.168.2.50xd2f2No error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461725950 CET1.1.1.1192.168.2.50x9853No error (0)c5.adalyser.compeso-1422535133.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461725950 CET1.1.1.1192.168.2.50x9853No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com52.50.80.142A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461725950 CET1.1.1.1192.168.2.50x9853No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com54.246.176.126A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461725950 CET1.1.1.1192.168.2.50x9853No error (0)peso-1422535133.eu-west-1.elb.amazonaws.com52.209.8.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.461978912 CET1.1.1.1192.168.2.50xca0fNo error (0)wave.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.462261915 CET1.1.1.1192.168.2.50xfa56No error (0)wave.outbrain.comwildcard.outbrain.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.462829113 CET1.1.1.1192.168.2.50xf3d0No error (0)snap.licdn.comod.linkedin.edgesuite.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.463213921 CET1.1.1.1192.168.2.50xf6e9No error (0)c5.adalyser.compeso-1422535133.eu-west-1.elb.amazonaws.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.463628054 CET1.1.1.1192.168.2.50x476eNo error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.463628054 CET1.1.1.1192.168.2.50x476eNo error (0)scontent.xx.fbcdn.net157.240.196.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464055061 CET1.1.1.1192.168.2.50xf62bNo error (0)connect.facebook.netscontent.xx.fbcdn.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464055061 CET1.1.1.1192.168.2.50xf62bNo error (0)scontent.xx.fbcdn.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.464055061 CET1.1.1.1192.168.2.50xf62bNo error (0)scontent.xx.fbcdn.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.466809988 CET1.1.1.1192.168.2.50xf9a3No error (0)bat-bing-com.ax-0001.ax-msedge.netax-0001.ax-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.466809988 CET1.1.1.1192.168.2.50xf9a3No error (0)ax-0001.ax-msedge.net150.171.27.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.466809988 CET1.1.1.1192.168.2.50xf9a3No error (0)ax-0001.ax-msedge.net150.171.28.10A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472085953 CET1.1.1.1192.168.2.50x93eaNo error (0)px.ads.linkedin.comafd-lnkd.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472085953 CET1.1.1.1192.168.2.50x93eaNo error (0)afd-lnkd.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472693920 CET1.1.1.1192.168.2.50xbaecNo error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472693920 CET1.1.1.1192.168.2.50xbaecNo error (0)static-cdn.hotjar.com18.66.102.106A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472693920 CET1.1.1.1192.168.2.50xbaecNo error (0)static-cdn.hotjar.com18.66.102.53A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472693920 CET1.1.1.1192.168.2.50xbaecNo error (0)static-cdn.hotjar.com18.66.102.11A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472693920 CET1.1.1.1192.168.2.50xbaecNo error (0)static-cdn.hotjar.com18.66.102.51A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.472897053 CET1.1.1.1192.168.2.50x4311No error (0)static.hotjar.comstatic-cdn.hotjar.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.473342896 CET1.1.1.1192.168.2.50xc36bNo error (0)idsync.rlcdn.com35.244.154.8A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.477601051 CET1.1.1.1192.168.2.50xda01No error (0)px.ads.linkedin.comafd-lnkd.www.linkedin.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:49.477601051 CET1.1.1.1192.168.2.50xda01No error (0)afd-lnkd.www.linkedin.comwww-linkedin-com.l-0005.l-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.559381962 CET1.1.1.1192.168.2.50xe456No error (0)siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.559381962 CET1.1.1.1192.168.2.50xe456No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.562074900 CET1.1.1.1192.168.2.50x75c9No error (0)siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:50.562074900 CET1.1.1.1192.168.2.50x75c9No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105782032 CET1.1.1.1192.168.2.50x1b76No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netbaxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105782032 CET1.1.1.1192.168.2.50x1b76No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.coma248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105792999 CET1.1.1.1192.168.2.50x16e2No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netbaxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105792999 CET1.1.1.1192.168.2.50x16e2No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.coma248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105880976 CET1.1.1.1192.168.2.50x8fe0No error (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.105880976 CET1.1.1.1192.168.2.50x8fe0No error (0)8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106033087 CET1.1.1.1192.168.2.50xd57aNo error (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.106033087 CET1.1.1.1192.168.2.50xd57aNo error (0)8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.505899906 CET1.1.1.1192.168.2.50x869eNo error (0)ipmcdn.avast.comipmcdn.avast.com.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.729135990 CET1.1.1.1192.168.2.50x28bbNo error (0)analytics.ff.avast.comanalytics-prod-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:51.729135990 CET1.1.1.1192.168.2.50x28bbNo error (0)analytics-prod-gcp.ff.avast.com34.117.223.223A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457288027 CET1.1.1.1192.168.2.50xf3f3No error (0)sp.analytics.yahoo.comspdc-global.pbp.gysm.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457392931 CET1.1.1.1192.168.2.50xde1eNo error (0)sp.analytics.yahoo.comspdc-global.pbp.gysm.yahoodns.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457392931 CET1.1.1.1192.168.2.50xde1eNo error (0)spdc-global.pbp.gysm.yahoodns.net54.246.144.89A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457392931 CET1.1.1.1192.168.2.50xde1eNo error (0)spdc-global.pbp.gysm.yahoodns.net54.171.122.26A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457968950 CET1.1.1.1192.168.2.50xc8ceNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457968950 CET1.1.1.1192.168.2.50xc8ceNo error (0)star-mini.c10r.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.457968950 CET1.1.1.1192.168.2.50xc8ceNo error (0)star-mini.c10r.facebook.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.458055973 CET1.1.1.1192.168.2.50xdbcNo error (0)www.facebook.comstar-mini.c10r.facebook.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.458055973 CET1.1.1.1192.168.2.50xdbcNo error (0)star-mini.c10r.facebook.com157.240.196.35A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.542901039 CET1.1.1.1192.168.2.50xa952No error (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.542901039 CET1.1.1.1192.168.2.50xa952No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.544176102 CET1.1.1.1192.168.2.50xd7fbNo error (0)zn4i1jhjmxub1nc6y-gendigital.siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.544176102 CET1.1.1.1192.168.2.50xd7fbNo error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.544517994 CET1.1.1.1192.168.2.50x1b39No error (0)s1.pir.fms1.pir.fm.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.546040058 CET1.1.1.1192.168.2.50x6999No error (0)s1.pir.fms1.pir.fm.edgekey.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.546941996 CET1.1.1.1192.168.2.50xd98eNo error (0)siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.546941996 CET1.1.1.1192.168.2.50xd98eNo error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550178051 CET1.1.1.1192.168.2.50x988bNo error (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550178051 CET1.1.1.1192.168.2.50x988bNo error (0)8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550734997 CET1.1.1.1192.168.2.50xb287No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netbaxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550734997 CET1.1.1.1192.168.2.50xb287No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.coma248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550787926 CET1.1.1.1192.168.2.50xe403No error (0)8-46-123-75_s-2-20-68-230_ts-1732446949-clienttons-s.akamaihd.net8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.550787926 CET1.1.1.1192.168.2.50xe403No error (0)8.46.123.75_s-2.20.68.230_ts-1732446949.cname.clienttons.coma1024.dscg.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.551440001 CET1.1.1.1192.168.2.50xa7d2No error (0)siteintercept.qualtrics.comsiteintercept.qprod2.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.551440001 CET1.1.1.1192.168.2.50xa7d2No error (0)siteintercept.qprod2.netprodlb.siteintercept.qualtrics.com.cdn.cloudflare.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.553149939 CET1.1.1.1192.168.2.50xfd13No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c-clientnsv4-s.akamaihd.netbaxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:15:56.553149939 CET1.1.1.1192.168.2.50xfd13No error (0)baxhwsyxgzi4uz2dblsq-p08v2f-49ff2084c.ipv4-only.cname.clienttons.coma248.b.akamai.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:15.110208988 CET1.1.1.1192.168.2.50x38d7No error (0)analytics.ff.avast.comanalytics-prod-gcp.ff.avast.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                                                                                Nov 24, 2024 12:16:15.110208988 CET1.1.1.1192.168.2.50x38d7No error (0)analytics-prod-gcp.ff.avast.com34.117.223.223A (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                                                                                HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                0192.168.2.54970834.117.223.2234434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:20 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 329
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:20 UTC329OUTData Raw: 0a c6 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 85 01 0a 03 3b 06 01 10 92 aa 98 f4 0c 28 d7 04 5a 73 08 0a 10 00 18 e5 94 01 20 01 28 00 32 24 66 36 66 65 39 66 30 61 2d 35 31 33 38 2d 34 37 37 63 2d 62 37 34 61 2d 37 63 36 33 62 35 35 34 65 62 33 39 38 00 42 2c 50 48 58 4a 2d 51 43 4d 51 2d 49 59 49 32 2d 33 44 34 56 2d 59 56 5a 42 2d 48 57 38 50 2d 53 45 45 48 2d 5a 4d 49 34 2d 35 5a 37 45 48 01 52 00 58 00 60 32 6a 00 72 00 78 00 82 01 00 60 01 22 46 12 0a 36 2e 33 30 2e 31
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a;(Zs (2$f6fe9f0a-5138-477c-b74a-7c63b554eb398B,PHXJ-QCMQ-IYI2-3D4V-YVZB-HW8P-SEEH-ZMI4-5Z7EHRX`2jrx`"F6.30.1
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:21 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:21 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:21 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                1192.168.2.54970913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:22 UTC195OUTGET /rules/other-Win32-v19.bundle HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC471INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:23 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 218853
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Sat, 23 Nov 2024 12:15:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DD0BB889D4282C"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 19b35b80-c01e-0049-150a-3eac27000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111423Z-174c587ffdf6b487hC1TEBydsn000000046000000000h0a3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC15913INData Raw: 31 30 30 30 76 35 2b 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 30 30 22 20 56 3d 22 35 22 20 44 43 3d 22 45 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 52 75 6c 65 45 72 72 6f 72 73 41 67 67 72 65 67 61 74 65 64 22 20 41 54 54 3d 22 66 39 39 38 63 63 35 62 61 34 64 34 34 38 64 36 61 31 65 38 65 39 31 33 66 66 31 38 62 65 39 34 2d 64 64 31 32 32 65 30 61 2d 66 63 66 38 2d 34 64 63 35 2d 39 64 62 62 2d 36 61 66 61 63 35 33 32 35 31 38 33 2d 37 34 30 35 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 53 3d 22 37 30 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 20 50 53 55 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 1000v5+<?xml version="1.0" encoding="utf-8"?><R Id="1000" V="5" DC="ESM" EN="Office.Telemetry.RuleErrorsAggregated" ATT="f998cc5ba4d448d6a1e8e913ff18be94-dd122e0a-fcf8-4dc5-9dbb-6afac5325183-7405" SP="CriticalBusinessImpact" S="70" DL="A" DCa="PSP PSU"
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 42 22 20 49 3d 22 35 22 20 4f 3d 22 66 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22 20 54 3d 22 49 33 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: /> </R> </O> </R> </O> </C> <C T="B" I="5" O="false"> <O T="AND"> <L> <O T="GE"> <L> <S T="1" F="0" /> </L> <R> <V V="400" T="I32" />
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 30 38 32 30 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4f 75 74 6c 6f 6f 6b 2e 44 65 73 6b 74 6f 70 2e 43 6f 6e 74 61 63 74 43 61 72 64 50 72 6f 70 65 72 74 69 65 73 43 6f 75 6e 74 73 22 20 41 54 54 3d 22 64 38 30 37 36 30 39 32 37 36 37 34 34 32 34 35 62 61 66 38 31 62 66 37 62 63 38 30 33 33 66 36 2d 32 32 36 38 65 33 37 34 2d 37 37 36 36 2d 34 39 37 36 2d 62 65 34 34 2d 62 36 61 64 35 62 64 64 63 35 62 36 2d 37 38 31 33 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 68 75 74 64 6f 77 6e 22 20 2f 3e 0d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: .0" encoding="utf-8"?><R Id="10820" V="3" DC="SM" EN="Office.Outlook.Desktop.ContactCardPropertiesCounts" ATT="d807609276744245baf81bf7bc8033f6-2268e374-7766-4976-be44-b6ad5bddc5b6-7813" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryShutdown" />
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 39 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 41 67 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 34 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 30 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 50 75 72 67 65 64 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 35 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 31 22 20 4f 3d 22 74 72 75 65 22 20 4e 3d 22 46 69 6c 65 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 38 22 20 46 3d 22 43 6f 75 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: </C> <C T="U32" I="9" O="true" N="Purged_Age"> <S T="4" F="Count" /> </C> <C T="U32" I="10" O="true" N="Purged_Count"> <S T="5" F="Count" /> </C> <C T="U32" I="11" O="true" N="File_Count"> <S T="8" F="Count" /> </C>
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 43 61 72 64 5f 56 61 6c 69 64 4d 61 6e 61 67 65 72 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6f 75 6e 74 5f 43 72 65 61 74 65 52 65 73 75 6c 74 5f 56 61 6c 69 64 50 65 72 73 6f 6e 61 5f 46 61 6c 73 65 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 32 22 20 2f 3e 0d 0a 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <S T="10" /> </C> </C> <C T="U32" I="1" O="false" N="Count_CreateCard_ValidManager_False"> <C> <S T="11" /> </C> </C> <C T="U32" I="2" O="false" N="Count_CreateResult_ValidPersona_False"> <C> <S T="12" />
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 57 61 73 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 50 61 69 6e 74 5f 49 4d 73 6f 50 65 72 73 6f 6e 61 5f 4e 75 6c 6c 5f 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 32 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 43 6c 65 61 6e 75 70 4d 73 6f 50 65 72 73 6f 6e 61 5f 49 4d 73 6f 50 65 72 73 6f 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Paint_IMsoPersona_WasNull_Count"> <C> <S T="32" /> </C> </C> <C T="U32" I="20" O="false" N="Paint_IMsoPersona_Null_Count"> <C> <S T="33" /> </C> </C> <C T="U32" I="21" O="false" N="CleanupMsoPersona_IMsoPerson
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 32 30 30 22 20 54 3d 22 49 36 34 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 52 65 74 72 69 65 76 61 6c 4d 69 6c 6c 69 73 65 63 6f 6e 64 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 30 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <R> <V V="200" T="I64" /> </R> </O> </L> <R> <O T="LT"> <L> <S T="3" F="RetrievalMilliseconds" /> </L> <R> <V V="400"
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 53 75 63 63 65 73 73 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43 3e 0d 0a 20 20 3c 2f 43 3e 0d 0a 20 20 3c 43 20 54 3d 22 55 33 32 22 20 49 3d 22 31 22 20 4f 3d 22 66 61 6c 73 65 22 20 4e 3d 22 4f 63 6f 6d 32 49 55 43 4f 66 66 69 63 65 49 6e 74 65 67 72 61 74 69 6f 6e 46 69 72 73 74 43 61 6c 6c 46 61 69 6c 65 64 43 6f 75 6e 74 22 3e 0d 0a 20 20 20 20 3c 43 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 43
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: </S> <C T="U32" I="0" O="false" N="Ocom2IUCOfficeIntegrationFirstCallSuccessCount"> <C> <S T="9" /> </C> </C> <C T="U32" I="1" O="false" N="Ocom2IUCOfficeIntegrationFirstCallFailedCount"> <C> <S T="10" /> </C
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 54 65 6e 61 6e 74 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 33 22 20 46 3d 22 55 73 65 72 20 65 6e 61 62 6c 65 64 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 66 61 6c 73 65 22 20 54 3d 22 42 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: L> <S T="3" F="Tenant enabled" /> </L> <R> <O T="EQ"> <L> <S T="3" F="User enabled" /> </L> <R> <V V="false" T="B" /> </R>
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC16384INData Raw: 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20 20 20 20 3c 52 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 56 20 56 3d 22 34 30 34 22 20 54 3d 22 55 33 32 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 3c 2f 52 3e 0d 0a 20 20 20 20 20 20 3c 2f 4f 3e 0d 0a 20 20 20 20 3c 2f 46 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 37 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 47 45 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 32 22 20 46 3d 22 48 74 74 70 53 74 61 74 75 73 22 20 2f 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 2f 4c 3e 0d 0a 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: us" /> </L> <R> <V V="404" T="U32" /> </R> </O> </F> <F T="7"> <O T="AND"> <L> <O T="GE"> <L> <S T="2" F="HttpStatus" /> </L>


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                2192.168.2.54971234.111.24.14434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:23 UTC421OUTGET /?p_elm=76&action=1&p_age=0&p_bau=0&p_bsls=0&p_chcc=2&p_chr=0&p_dvt=3&p_fds=172544&p_gis=0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_lid=en-CH&p_lng=en&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_osv=10.0&p_pro=90&p_sbi=0&p_scbu=0&p_tos=0&p_vbd=11385&p_vep=6&p_ves=30&p_wid=1675281926 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Host: ipm-provider.ff.avast.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:24 UTC696INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:24 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                IPM-Asset-Base-URL: https://ipm-static.avcdn.net/content-assets-prod/,https://ipmcdn.avast.com/images/
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Expires: 0
                                                                                                                                                                                                                                                                                                                                                                                Content-Identifier: Do not track element
                                                                                                                                                                                                                                                                                                                                                                                ETag: W/1505
                                                                                                                                                                                                                                                                                                                                                                                Set-Cookie: ClientId=6cf3d2ac-bf28-4f57-80cd-60ae9393131d; Max-Age=63072000; Expires=Tue, 24 Nov 2026 11:14:24 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                                                                Set-Cookie: ClientId=6cf3d2ac-bf28-4f57-80cd-60ae9393131d; Max-Age=63072000; Expires=Tue, 24 Nov 2026 11:14:24 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 0
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: clear
                                                                                                                                                                                                                                                                                                                                                                                Connection: close


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                3192.168.2.5497104.245.163.56443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=GRl3eG9fkn88GgF&MD=UgZxxMnN HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                                                                Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Expires: -1
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                                                                                                                MS-CorrelationId: fa23b11d-48cc-4d01-912b-fb8f5ce0508b
                                                                                                                                                                                                                                                                                                                                                                                MS-RequestId: 38fd7aa6-eb2e-4790-8539-5ef0c37d5539
                                                                                                                                                                                                                                                                                                                                                                                MS-CV: opIB1zOo0kydRnh5.0
                                                                                                                                                                                                                                                                                                                                                                                X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24490
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 92 1e 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 23 d0 00 00 14 00 00 00 00 00 10 00 92 1e 00 00 18 41 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 e6 42 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 78 cf 8d 5c 26 1e e6 42 43 4b ed 5c 07 54 13 db d6 4e a3 f7 2e d5 d0 3b 4c 42 af 4a 57 10 e9 20 bd 77 21 94 80 88 08 24 2a 02 02 d2 55 10 a4 a8 88 97 22 8a 0a d2 11 04 95 ae d2 8b 20 28 0a 88 20 45 05 f4 9f 80 05 bd ed dd f7 ff 77 dd f7 bf 65 d6 4a 66 ce 99 33 67 4e d9 7b 7f fb db 7b 56 f4 4d 34 b4 21 e0 a7 03 0a d9 fc 68 6e 1d 20 70 28 14 02 85 20 20 ad 61 10 08 e3 66 0d ed 66 9b 1d 6a 90 af 1f 17 f0 4b 68 35 01 83 6c fb 44 42 5c 7d 83 3d 03 30 be 3e ae be 58
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: MSCFD#AdBenvironment.cabx\&BCK\TN.;LBJW w!$*U" ( EweJf3gN{{VM4!hn p( affjKh5lDB\}=0>X
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC8666INData Raw: 04 01 31 2f 30 2d 30 0a 02 05 00 e1 2b 8a 50 02 01 00 30 0a 02 01 00 02 02 12 fe 02 01 ff 30 07 02 01 00 02 02 11 e6 30 0a 02 05 00 e1 2c db d0 02 01 00 30 36 06 0a 2b 06 01 04 01 84 59 0a 04 02 31 28 30 26 30 0c 06 0a 2b 06 01 04 01 84 59 0a 03 02 a0 0a 30 08 02 01 00 02 03 07 a1 20 a1 0a 30 08 02 01 00 02 03 01 86 a0 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05 00 03 81 81 00 0c d9 08 df 48 94 57 65 3e ad e7 f2 17 9c 1f ca 3d 4d 6c cd 51 e1 ed 9c 17 a5 52 35 0f fd de 4b bd 22 92 c5 69 e5 d7 9f 29 23 72 40 7a ca 55 9d 8d 11 ad d5 54 00 bb 53 b4 87 7b 72 84 da 2d f6 e3 2c 4f 7e ba 1a 58 88 6e d6 b9 6d 16 ae 85 5b b5 c2 81 a8 e0 ee 0a 9c 60 51 3a 7b e4 61 f8 c3 e4 38 bd 7d 28 17 d6 79 f0 c8 58 c6 ef 1f f7 88 65 b1 ea 0a c0 df f7 ee 5c 23 c2 27 fd 98 63 08 31
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 1/0-0+P000,06+Y1(0&0+Y0 00*HHWe>=MlQR5K"i)#r@zUTS{r-,O~Xnm[`Q:{a8}(yXe\#'c1


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                4192.168.2.54971413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC193OUTGET /rules/rule120402v21s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 3788
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAC2126A6"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5299024a-c01e-0079-4d47-3ce51a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111425Z-174c587ffdfdwxdvhC1TEB1c4n000000045g00000000h1nq
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC3788INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 34 30 32 22 20 56 3d 22 32 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 55 6e 67 72 61 63 65 66 75 6c 41 70 70 45 78 69 74 44 65 73 6b 74 6f 70 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 50 53 50 22 20 78 6d 6c 6e 73 3d 22 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                5192.168.2.54971813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC192OUTGET /rules/rule120608v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 2160
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA3B95D81"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2aa1f1ad-b01e-003d-7c43-3cd32c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111425Z-174c587ffdfb485jhC1TEBmc1s000000049g0000000001pc
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC2160INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 37 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 33 22 20 52 3d 22 31 32 30 36 31 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 34 22 20 52 3d 22 31 32 30 36 31 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 35 22 20 52 3d 22 31 32 30 36 31 34 22 20 2f 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                6192.168.2.54971513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC192OUTGET /rules/rule120600v4s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:26 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 2980
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: d279acb6-501e-0029-6110-3dd0b8000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111426Z-178bfbc474bpscmfhC1NYCfc2c00000004hg0000000025pp
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC2980INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 30 22 20 56 3d 22 34 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 44 65 76 69 63 65 43 6f 6e 73 6f 6c 69 64 61 74 65 64 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120600" V="4" DC="SM" EN="Office.System.SystemHealthMetadataDeviceConsolidated" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                7192.168.2.54971613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC192OUTGET /rules/rule224902v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:26 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 450
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BD4C869AE"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 05856cf7-f01e-0020-4060-3b956b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111426Z-178bfbc474bmqmgjhC1NYCy16c00000005y0000000006ut7
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC450INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 32 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 55 54 53 20 54 3d 22 32 22 20 49 64 3d 22 62 62 72 35 71 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 61 33 36 61 39 37 30 64 2d 34 35 61 39 2d 34 65 30 64 2d 39 63 61 62 2d 32 61 32 33 35 63 63 39 64 37 63 36 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 47 22 20 49 3d 22 30 22 20 4f 3d 22 66 61 6c 73 65 4e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224902" V="2" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120100" /> <UTS T="2" Id="bbr5q" /> <SS T="3" G="{a36a970d-45a9-4e0d-9cab-2a235cc9d7c6}" /> </S> <C T="G" I="0" O="falseN


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                8192.168.2.54971713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:25 UTC192OUTGET /rules/rule120609v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:26 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 408
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB56D3AFB"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f3d0c3d3-f01e-003c-676b-3b8cf0000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111426Z-178bfbc474b7cbwqhC1NYC8z4n00000005pg00000000cpea
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:26 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 44 64 5d 5b 45 65 5d 5b 4c 6c 5d 5b 4c 6c 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120609" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120682" /> <SR T="2" R="^([Dd][Ee][Ll][Ll])"> <S T="1" F="0" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                9192.168.2.54972213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:27 UTC192OUTGET /rules/rule120611v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9F6F3512"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a6bfa609-001e-00a2-4d66-3bd4d5000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111428Z-178bfbc474bp8mkvhC1NYCzqnn00000005ng00000000aaun
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4c 6c 5d 5b 45 65 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 56 76 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120611" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <SR T="2" R="([Ll][Ee][Nn][Oo][Vv][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                10192.168.2.54972113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC192OUTGET /rules/rule120610v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9964B277"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4712fcc8-d01e-002b-279a-3b25fb000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111428Z-174c587ffdfgcs66hC1TEB69cs000000045g00000000c5p3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120610" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120609" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                11192.168.2.54972313.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC192OUTGET /rules/rule120612v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB10C598B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e9522a88-801e-0067-2316-3dfe30000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111428Z-178bfbc474bv587zhC1NYCny5w00000005tg000000003ygx
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                12192.168.2.54972413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC192OUTGET /rules/rule120613v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 632
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB6E3779E"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: d8f13441-a01e-0021-5e2d-3c814c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111428Z-178bfbc474b9xljthC1NYCtw9400000005sg000000007fcc
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC632INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 48 68 5d 5b 50 70 5d 28 5b 5e 45 5d 7c 24 29 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 33 22 20 52 3d 22 28 5b 48 68 5d 5b 45 65 5d 5b 57 77 5d 5b 4c 6c 5d 5b 45 65 5d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120613" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <SR T="2" R="^([Hh][Pp]([^E]|$))"> <S T="1" F="1" M="Ignore" /> </SR> <SR T="3" R="([Hh][Ee][Ww][Ll][Ee]


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                13192.168.2.54972513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC192OUTGET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 467
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b056c714-b01e-001e-5ea2-3d0214000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111428Z-15b8b599d889fz52hC1TEB59as00000004bg000000006gmt
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:28 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                14192.168.2.54972713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC192OUTGET /rules/rule120615v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBAD04B7B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: bddf9f2e-a01e-0002-120c-3d5074000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111430Z-178bfbc474brk967hC1NYCfu6000000005k000000000ce0x
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 53 73 5d 5b 55 75 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120615" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <SR T="2" R="([Aa][Ss][Uu][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                15192.168.2.54972913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC192OUTGET /rules/rule120617v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:02 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA310DA18"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6171fc9e-701e-000d-441c-3d6de3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111430Z-178bfbc474bbcwv4hC1NYCypys00000005r0000000006t8z
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120617" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                16192.168.2.54973013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC192OUTGET /rules/rule120618v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9018290B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: aff2abcc-f01e-0003-4547-3c4453000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111430Z-178bfbc474bgvl54hC1NYCsfuw00000005sg00000000cs6k
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120618" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                17192.168.2.54972813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC192OUTGET /rules/rule120616v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB344914B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: d58f6c79-601e-00ab-760a-3e66f4000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111430Z-178bfbc474bnwsh4hC1NYC2ubs0000000610000000002arg
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120616" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120615" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                18192.168.2.54973113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC192OUTGET /rules/rule120619v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9698189B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5b0f4dfe-c01e-00a1-3715-3d7e4a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111430Z-178bfbc474bbcwv4hC1NYCypys00000005t0000000003vzy
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:30 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 43 63 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120619" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120617" /> <SR T="2" R="([Aa][Cc][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                19192.168.2.54973213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC192OUTGET /rules/rule120620v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:32 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 469
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA701121"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 154b25de-a01e-006f-2503-3e13cd000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111432Z-178bfbc474bgvl54hC1NYCsfuw00000005x0000000003ywa
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120620" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                20192.168.2.54973513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC192OUTGET /rules/rule120623v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:32 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 464
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B97FB6C3C"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8189730a-201e-0003-216a-3bf85a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111432Z-178bfbc474bwh9gmhC1NYCy3rs0000000610000000002czf
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC464INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 49 69 5d 5b 47 67 5d 5b 41 61 5d 5b 42 62 5d 5b 59 79 5d 5b 54 74 5d 5b 45 65 5d 20 5b 54 74 5d 5b 45 65 5d 5b 43 63 5d 5b 48 68 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 47 67 5d 5b 59 79 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120623" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <SR T="2" R="([Gg][Ii][Gg][Aa][Bb][Yy][Tt][Ee] [Tt][Ee][Cc][Hh][Nn][Oo][Ll][Oo][Gg][Yy])"> <S T="1" F="1" M="Ignor


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                21192.168.2.54973613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC192OUTGET /rules/rule120624v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 494
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7010D66"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 44e9982d-301e-001f-6639-3caa3a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111433Z-15b8b599d889fz52hC1TEB59as00000004e00000000012kp
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120624" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                22192.168.2.54973413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC192OUTGET /rules/rule120621v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA41997E3"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b82db7f7-b01e-0053-188c-3acdf8000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111433Z-174c587ffdfdwxdvhC1TEB1c4n00000004a0000000006kcm
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 56 76 5d 5b 4d 6d 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120621" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120619" /> <SR T="2" R="([Vv][Mm][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                23192.168.2.54973313.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:32 UTC192OUTGET /rules/rule120622v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB8CEAC16"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f380030e-501e-007b-0625-3d5ba2000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111433Z-178bfbc474bp8mkvhC1NYCzqnn00000005n000000000b4np
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120622" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120621" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                24192.168.2.54973734.160.176.284434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC323OUTGET /?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_pro=90&p_osv=10.0&p_gksw=0&p_lng=en&p_lid=en-us HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)
                                                                                                                                                                                                                                                                                                                                                                                Host: shepherd.ff.avast.com
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC1261INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1452
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
                                                                                                                                                                                                                                                                                                                                                                                Config-Id: 33
                                                                                                                                                                                                                                                                                                                                                                                Config-Name: CCleaner_cc-ui-launch-in-the-background_cloud-cleaning-tools_distribution---driver-updater_distribution---google-drive-debug_distribution---hc-add-results-flow_hcv2-rollout_distribution---notification-centre_distribution---opswatsoftwareupdater_distribution---opswatsoftwareupdaterhc_feedback---performance-optimizer_distribution---easy-clean-ipm_showoffers3rdparty---usa-opt-out_surveygroupuninstall-a78374a0e148675cf7b0a03dcc66e539309af417e423c4fa6ca18ea2c5e7396d
                                                                                                                                                                                                                                                                                                                                                                                Config-Version: 321
                                                                                                                                                                                                                                                                                                                                                                                Segments: cc ui launch in the background,cloud cleaning tools,distribution - driver updater,distribution - google drive debug,distribution - hc add results flow,hcv2 rollout,distribution - notification centre,distribution - opswatsoftwareupdater,distribution - opswatsoftwareupdaterhc,feedback - performance optimizer,distribution - easy clean ipm,showoffers3rdparty - usa opt-out,surveygroupuninstall
                                                                                                                                                                                                                                                                                                                                                                                TTL: 86400
                                                                                                                                                                                                                                                                                                                                                                                TTL-Spread: 43200
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: clear
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC1390INData Raw: 5b 45 6e 63 72 79 70 74 5d 0d 0a 43 43 50 4f 43 3d 44 49 53 41 42 4c 45 44 0d 0a 44 54 4e 50 3d 31 32 30 30 0d 0a 44 55 4e 50 3d 39 30 30 0d 0a 5b 43 6f 6d 6d 6f 6e 5d 0d 0a 41 6c 70 68 61 49 6e 74 65 67 72 61 74 69 6f 6e 3d 31 0d 0a 41 6c 70 68 61 4d 69 67 72 61 74 69 6f 6e 3d 31 0d 0a 41 55 32 3d 31 0d 0a 41 55 54 4e 56 3d 30 0d 0a 43 43 41 4d 3d 44 49 53 41 42 4c 45 44 0d 0a 43 43 4e 55 3d 30 0d 0a 43 43 54 3d 45 4e 41 42 4c 45 44 32 0d 0a 44 72 69 76 65 72 53 63 61 6e 49 6e 74 65 72 76 61 6c 3d 37 0d 0a 44 72 69 76 65 72 55 70 64 61 74 65 72 3d 31 0d 0a 44 72 69 76 65 72 55 70 64 61 74 65 72 56 65 72 73 69 6f 6e 3d 31 0d 0a 44 75 6d 70 52 65 70 6f 72 74 69 6e 67 3d 31 0d 0a 44 55 53 6b 69 70 4f 6e 62 6f 61 72 64 69 6e 67 3d 30 0d 0a 47 44 44 45 42 55
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: [Encrypt]CCPOC=DISABLEDDTNP=1200DUNP=900[Common]AlphaIntegration=1AlphaMigration=1AU2=1AUTNV=0CCAM=DISABLEDCCNU=0CCT=ENABLED2DriverScanInterval=7DriverUpdater=1DriverUpdaterVersion=1DumpReporting=1DUSkipOnboarding=0GDDEBU
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:33 UTC62INData Raw: 44 36 43 34 44 33 43 41 46 34 46 39 30 45 35 38 34 44 33 35 34 37 41 33 46 32 30 31 38 41 31 39 35 35 45 37 46 31 31 44 31 46 43 44 37 43 31 38 42 37 36 37 35 39 41 53 57 53 69 67 32 41
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: D6C4D3CAF4F90E584D3547A3F2018A1955E7F11D1FCD7C18B76759ASWSig2A


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                25192.168.2.54973813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC192OUTGET /rules/rule120625v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:34 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9748630E"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5931471e-001e-0046-7a23-3dda4b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111434Z-178bfbc474b9xljthC1NYCtw9400000005wg0000000013q5
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 46 66 5d 5b 55 75 5d 5b 4a 6a 5d 5b 49 69 5d 5b 54 74 5d 5b 53 73 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120625" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120623" /> <SR T="2" R="([Ff][Uu][Jj][Ii][Tt][Ss][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                26192.168.2.54974334.117.223.2234434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 231
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC231OUTData Raw: 0a e4 01 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 24 0a 03 3b 09 01 10 a8 ab 98 f4 0c 28 d7 04 5a 12 08 c3 65 12 0d 0a 09 28 43 66 67 29 57 56 32 49 10 04 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30 39 2c 20 55 42 52 20 32 30 30 36 2c 20 78 36 34 29 38 68 40 00 48 f6 04 40 12 52 08 08 01 10 d4 95 8c ba 06
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a$;(Ze(Cfg)WV2I`"F6.30.11385"/10.0 (Build 19045, Release 2009, UBR 2006, x64)8h@H@R
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                27192.168.2.54973913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC192OUTGET /rules/rule120626v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9DACDF62"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7a05741d-701e-0021-0754-3c3d45000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111435Z-15b8b599d88wk8w4hC1TEB14b800000004c0000000008vbg
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120626" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                28192.168.2.54974013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:34 UTC192OUTGET /rules/rule120627v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 404
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9E8EE0F3"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 561b455d-701e-003e-353f-3e79b3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111435Z-178bfbc474bp8mkvhC1NYCzqnn00000005q00000000085nk
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4e 6e 5d 5b 45 65 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120627" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120625" /> <SR T="2" R="^([Nn][Ee][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                29192.168.2.54974113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC192OUTGET /rules/rule120629v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 428
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAC4F34CA"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 876ff6fa-901e-00a0-47eb-3d6a6d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111435Z-178bfbc474bwh9gmhC1NYCy3rs00000005v000000000c5y8
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC428INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 2d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120629" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <SR T="2" R="([Mm][Ii][Cc][Rr][Oo]-[Ss][Tt][Aa][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                30192.168.2.54974213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC192OUTGET /rules/rule120628v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9C8E04C8"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6ea5360a-801e-002a-4904-3e31dc000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111435Z-178bfbc474b7cbwqhC1NYC8z4n00000005r0000000009dy0
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:35 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 32 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120628" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120627" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                31192.168.2.54974413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:36 UTC192OUTGET /rules/rule120630v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:36 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 499
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:45 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B98CEC9F6"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: be70ec4e-301e-000c-088c-3a323f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111436Z-174c587ffdf8lw6dhC1TEBkgs800000004ag00000000asz3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC499INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120630" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                32192.168.2.54974734.117.223.2234434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:36 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 329
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:36 UTC329OUTData Raw: 0a c6 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 85 01 0a 03 3b 06 02 10 ac ab 98 f4 0c 28 d7 04 5a 73 08 0a 10 00 18 e5 94 01 20 01 28 00 32 24 66 36 66 65 39 66 30 61 2d 35 31 33 38 2d 34 37 37 63 2d 62 37 34 61 2d 37 63 36 33 62 35 35 34 65 62 33 39 38 00 42 2c 50 48 58 4a 2d 51 43 4d 51 2d 49 59 49 32 2d 33 44 34 56 2d 59 56 5a 42 2d 48 57 38 50 2d 53 45 45 48 2d 5a 4d 49 34 2d 35 5a 37 45 48 01 52 00 58 00 60 32 6a 00 72 00 78 00 82 01 00 60 01 22 46 12 0a 36 2e 33 30 2e 31
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a;(Zs (2$f6fe9f0a-5138-477c-b74a-7c63b554eb398B,PHXJ-QCMQ-IYI2-3D4V-YVZB-HW8P-SEEH-ZMI4-5Z7EHRX`2jrx`"F6.30.1
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:36 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                33192.168.2.54974513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC192OUTGET /rules/rule120631v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B988EBD12"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6a83a5f2-e01e-000c-157b-3b8e36000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111437Z-174c587ffdfb5q56hC1TEB04kg00000004bg000000002wun
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 32 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 48 68 5d 5b 55 75 5d 5b 41 61 5d 5b 57 77 5d 5b 45 65 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120631" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120629" /> <SR T="2" R="([Hh][Uu][Aa][Ww][Ee][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                34192.168.2.54974613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC192OUTGET /rules/rule120632v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5815C4C"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9906faf6-f01e-0052-624b-3c9224000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111437Z-15b8b599d882hxlwhC1TEBfa5w00000004a00000000049cb
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120632" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                35192.168.2.54974813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC192OUTGET /rules/rule120633v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB32BB5CB"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 15a67567-d01e-0066-07eb-3bea17000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111437Z-15b8b599d88l2dpthC1TEBmzr0000000049000000000a110
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 53 73 5d 5b 41 61 5d 5b 4d 6d 5d 5b 53 73 5d 5b 55 75 5d 5b 4e 6e 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120633" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120631" /> <SR T="2" R="([Ss][Aa][Mm][Ss][Uu][Nn][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                36192.168.2.54974913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC192OUTGET /rules/rule120634v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 494
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:38 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB8972972"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: db42c49d-901e-007b-4a2f-3cac50000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111437Z-178bfbc474b9fdhphC1NYCac0n00000005xg000000000cu3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:37 UTC494INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120634" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                37192.168.2.54975013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:38 UTC192OUTGET /rules/rule120635v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 420
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:53 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9DAE3EC0"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 81672928-a01e-001e-4184-3b49ef000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111439Z-174c587ffdfb485jhC1TEBmc1s000000045g00000000a8nt
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC420INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 54 74 5d 5b 4f 6f 5d 5b 53 73 5d 5b 48 68 5d 5b 49 69 5d 5b 42 62 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120635" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120633" /> <SR T="2" R="^([Tt][Oo][Ss][Hh][Ii][Bb][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                38192.168.2.54975113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC192OUTGET /rules/rule120636v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9D43097E"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e805473a-a01e-0084-650a-3e9ccd000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111439Z-178bfbc474bfw4gbhC1NYCunf400000005z00000000024uk
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120636" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                39192.168.2.54975213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC192OUTGET /rules/rule120637v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA909FA21"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 917a58a9-c01e-0066-7448-3da1ec000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111439Z-15b8b599d88f9wfchC1TEBm2kc00000004f00000000092tc
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 4e 6e 5d 5b 41 61 5d 5b 53 73 5d 5b 4f 6f 5d 5b 4e 6e 5d 5b 49 69 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120637" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120635" /> <SR T="2" R="([Pp][Aa][Nn][Aa][Ss][Oo][Nn][Ii][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                40192.168.2.54975513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC192OUTGET /rules/rule120639v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 423
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:36 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7564CE8"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 043e45ca-501e-0078-1031-3e06cf000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111440Z-178bfbc474bv587zhC1NYCny5w00000005r0000000007vz7
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:40 UTC423INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 44 64 5d 5b 59 79 5d 5b 4e 6e 5d 5b 41 61 5d 5b 42 62 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120639" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <SR T="2" R="([Dd][Yy][Nn][Aa][Bb][Oo][Oo][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                41192.168.2.54975413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:39 UTC192OUTGET /rules/rule120638v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:40 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 486
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B92FCB436"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 242b2616-d01e-0017-014e-3cb035000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111440Z-15b8b599d889fz52hC1TEB59as000000047000000000ga60
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:40 UTC486INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 33 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120638" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120637" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                42192.168.2.54975613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:41 UTC192OUTGET /rules/rule120640v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 478
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:48 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9B233827"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 35c17bb4-f01e-0052-536c-3d9224000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111441Z-15b8b599d88hd9g7hC1TEBp75c000000049g000000009z33
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC478INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120640" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                43192.168.2.54975713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:41 UTC192OUTGET /rules/rule120641v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 404
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B95C61A3C"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b7a4c0f2-401e-0064-554c-3c54af000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111441Z-15b8b599d889fz52hC1TEB59as00000004b0000000007055
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC404INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 33 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4d 6d 5d 5b 53 73 5d 5b 49 69 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120641" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120639" /> <SR T="2" R="^([Mm][Ss][Ii])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                44192.168.2.54975813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:41 UTC192OUTGET /rules/rule120642v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:24 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB046B576"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 20e2cd06-701e-005c-2869-3bbb94000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111441Z-178bfbc474b9xljthC1NYCtw9400000005s000000000891u
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120642" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                45192.168.2.54975913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC192OUTGET /rules/rule120643v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 400
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB2D62837"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ab3f6f35-201e-0085-2728-3d34e3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111442Z-15b8b599d88g5tp8hC1TEByx6w00000004c00000000055mk
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC400INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 4c 6c 5d 5b 47 67 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120643" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120641" /> <SR T="2" R="^([Ll][Gg])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <S T="


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                46192.168.2.54976113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC192OUTGET /rules/rule120644v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 479
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7D702D0"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 171ae584-101e-005a-6763-3b882b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111442Z-178bfbc474bpscmfhC1NYCfc2c00000004gg000000003a5g
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:42 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120644" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                47192.168.2.54976534.160.176.284434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:43 UTC323OUTGET /?p_vep=6&p_ves=30&p_vbd=11385&p_lit=0&p_midex=1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0&p_hid=aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a&p_pro=90&p_osv=10.0&p_gksw=0&p_lng=en&p_lid=en-us HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/4.0 (CCleaner, 6.30.11385)
                                                                                                                                                                                                                                                                                                                                                                                Host: shepherd.ff.avast.com
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC1261INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/plain
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1452
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: Config-Id, Config-Name, Config-Version, Segments, AB-Tests, TTL, TTL-Spread
                                                                                                                                                                                                                                                                                                                                                                                Config-Id: 33
                                                                                                                                                                                                                                                                                                                                                                                Config-Name: CCleaner_cc-ui-launch-in-the-background_cloud-cleaning-tools_distribution---driver-updater_distribution---google-drive-debug_distribution---hc-add-results-flow_hcv2-rollout_distribution---notification-centre_distribution---opswatsoftwareupdater_distribution---opswatsoftwareupdaterhc_feedback---performance-optimizer_distribution---easy-clean-ipm_showoffers3rdparty---usa-opt-out_surveygroupuninstall-a78374a0e148675cf7b0a03dcc66e539309af417e423c4fa6ca18ea2c5e7396d
                                                                                                                                                                                                                                                                                                                                                                                Config-Version: 321
                                                                                                                                                                                                                                                                                                                                                                                Segments: cc ui launch in the background,cloud cleaning tools,distribution - driver updater,distribution - google drive debug,distribution - hc add results flow,hcv2 rollout,distribution - notification centre,distribution - opswatsoftwareupdater,distribution - opswatsoftwareupdaterhc,feedback - performance optimizer,distribution - easy clean ipm,showoffers3rdparty - usa opt-out,surveygroupuninstall
                                                                                                                                                                                                                                                                                                                                                                                TTL: 86400
                                                                                                                                                                                                                                                                                                                                                                                TTL-Spread: 43200
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: clear
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC1390INData Raw: 5b 45 6e 63 72 79 70 74 5d 0d 0a 43 43 50 4f 43 3d 44 49 53 41 42 4c 45 44 0d 0a 44 54 4e 50 3d 31 32 30 30 0d 0a 44 55 4e 50 3d 39 30 30 0d 0a 5b 43 6f 6d 6d 6f 6e 5d 0d 0a 41 6c 70 68 61 49 6e 74 65 67 72 61 74 69 6f 6e 3d 31 0d 0a 41 6c 70 68 61 4d 69 67 72 61 74 69 6f 6e 3d 31 0d 0a 41 55 32 3d 31 0d 0a 41 55 54 4e 56 3d 30 0d 0a 43 43 41 4d 3d 44 49 53 41 42 4c 45 44 0d 0a 43 43 4e 55 3d 30 0d 0a 43 43 54 3d 45 4e 41 42 4c 45 44 32 0d 0a 44 72 69 76 65 72 53 63 61 6e 49 6e 74 65 72 76 61 6c 3d 37 0d 0a 44 72 69 76 65 72 55 70 64 61 74 65 72 3d 31 0d 0a 44 72 69 76 65 72 55 70 64 61 74 65 72 56 65 72 73 69 6f 6e 3d 31 0d 0a 44 75 6d 70 52 65 70 6f 72 74 69 6e 67 3d 31 0d 0a 44 55 53 6b 69 70 4f 6e 62 6f 61 72 64 69 6e 67 3d 30 0d 0a 47 44 44 45 42 55
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: [Encrypt]CCPOC=DISABLEDDTNP=1200DUNP=900[Common]AlphaIntegration=1AlphaMigration=1AU2=1AUTNV=0CCAM=DISABLEDCCNU=0CCT=ENABLED2DriverScanInterval=7DriverUpdater=1DriverUpdaterVersion=1DumpReporting=1DUSkipOnboarding=0GDDEBU
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC62INData Raw: 44 36 43 34 44 33 43 41 46 34 46 39 30 45 35 38 34 44 33 35 34 37 41 33 46 32 30 31 38 41 31 39 35 35 45 37 46 31 31 44 31 46 43 44 37 43 31 38 42 37 36 37 35 39 41 53 57 53 69 67 32 41
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: D6C4D3CAF4F90E584D3547A3F2018A1955E7F11D1FCD7C18B76759ASWSig2A


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                48192.168.2.54976213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:43 UTC192OUTGET /rules/rule120645v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 425
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA25094F"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 62f36519-501e-0016-468c-3a181b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111444Z-174c587ffdf89smkhC1TEB697s00000004f00000000069gw
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC425INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 4d 6d 5d 5b 41 61 5d 5b 5a 7a 5d 5b 4f 6f 5d 5b 4e 6e 5d 20 5b 45 65 5d 5b 43 63 5d 32 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120645" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120643" /> <SR T="2" R="([Aa][Mm][Aa][Zz][Oo][Nn] [Ee][Cc]2)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                49192.168.2.54976413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:43 UTC192OUTGET /rules/rule120647v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 448
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:29 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB389F49B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2822332a-801e-002a-6c23-3d31dc000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111444Z-178bfbc474bv587zhC1NYCny5w00000005ng00000000d3b8
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC448INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 41 61 5d 5b 50 70 5d 5b 41 61 5d 5b 43 63 5d 5b 48 68 5d 5b 45 65 5d 20 5b 53 73 5d 5b 4f 6f 5d 5b 46 66 5d 5b 54 74 5d 5b 57 77 5d 5b 41 61 5d 5b 52 72 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120647" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <SR T="2" R="([Aa][Pp][Aa][Cc][Hh][Ee] [Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee])"> <S T="1" F="1" M="Ignore" /> </SR>


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                50192.168.2.54976313.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:43 UTC192OUTGET /rules/rule120646v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 475
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:28 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB2BE84FD"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8b9ec706-101e-000b-544c-3c5e5c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111444Z-15b8b599d88cn5thhC1TEBqxkn00000004b00000000016pw
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120646" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120645" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                51192.168.2.54976613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC192OUTGET /rules/rule120648v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 491
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B98B88612"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e456cfdf-c01e-0014-248c-3aa6a3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111444Z-174c587ffdf4zw2thC1TEBu34000000004dg00000000ac2e
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC491INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120648" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                52192.168.2.54976713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC192OUTGET /rules/rule120649v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 416
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:21 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAEA4B445"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9177d9ad-001e-0028-350e-3dc49f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111444Z-178bfbc474bvjk8shC1NYC83ns00000005qg000000006ydd
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:44 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 34 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 46 66 5d 5b 45 65 5d 5b 44 64 5d 5b 4f 6f 5d 5b 52 72 5d 5b 41 61 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120649" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120647" /> <SR T="2" R="^([Ff][Ee][Dd][Oo][Rr][Aa])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                53192.168.2.54976813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC192OUTGET /rules/rule120650v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 479
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B989EE75B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 0aa534f7-c01e-0014-501a-3ea6a3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111446Z-178bfbc474bfw4gbhC1NYCunf400000005xg000000004rku
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC479INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120650" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                54192.168.2.54976913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC192OUTGET /rules/rule120651v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 415
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA80D96A1"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4ec76ea5-a01e-006f-014e-3c13cd000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111446Z-178bfbc474bv587zhC1NYCny5w00000005u00000000030h3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC415INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 34 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 47 67 5d 5b 4f 6f 5d 5b 4f 6f 5d 5b 47 67 5d 5b 4c 6c 5d 5b 45 65 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120651" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120649" /> <SR T="2" R="([Gg][Oo][Oo][Gg][Ll][Ee])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tru


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                55192.168.2.54977113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC192OUTGET /rules/rule120653v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9C710B28"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7511da03-801e-0083-3b8c-3af0ae000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111446Z-15b8b599d88tmlzshC1TEB4xpn00000004bg000000000uuc
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 49 69 5d 5b 4e 6e 5d 5b 4e 6e 5d 5b 4f 6f 5d 5b 54 74 5d 5b 45 65 5d 5b 4b 6b 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120653" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <SR T="2" R="([Ii][Nn][Nn][Oo][Tt][Ee][Kk])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                56192.168.2.54977013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC192OUTGET /rules/rule120652v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:47 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 471
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B97E6FCDD"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 79a9dcb6-201e-003c-1c7b-3b30f9000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111446Z-174c587ffdfb5q56hC1TEB04kg00000004cg000000000527
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:47 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120652" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120651" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                57192.168.2.54977213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:46 UTC192OUTGET /rules/rule120654v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:47 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:05 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA54DCC28"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ce4e00c6-401e-00a3-3516-3d8b09000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111446Z-178bfbc474b9fdhphC1NYCac0n00000005tg000000006ewn
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:47 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120654" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                58192.168.2.54977313.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC192OUTGET /rules/rule120655v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:48 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB7F164C3"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6b91e280-c01e-00a2-4f0a-3d2327000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111448Z-178bfbc474bq2pr7hC1NYCkfgg00000005yg00000000917g
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 49 69 5d 5b 4d 6d 5d 5b 42 62 5d 5b 4f 6f 5d 5b 58 78 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120655" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120653" /> <SR T="2" R="([Nn][Ii][Mm][Bb][Oo][Xx][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                59192.168.2.54977413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC192OUTGET /rules/rule120656v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:48 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 477
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:04 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA48B5BDD"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 449238ea-501e-0029-7d7c-3bd0b8000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111448Z-174c587ffdf9xbcchC1TEBxkz4000000043000000000hcag
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC477INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120656" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                60192.168.2.54977613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:48 UTC192OUTGET /rules/rule120658v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:48 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:34 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB650C2EC"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5304f1e1-001e-005a-6c6b-3bc3d0000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111448Z-178bfbc474bpnd5vhC1NYC4vr400000005w0000000005p88
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120658" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                61192.168.2.54977713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC192OUTGET /rules/rule120659v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:49 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3EAF226"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6b17e566-f01e-003f-7a44-3cd19d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111449Z-178bfbc474bgvl54hC1NYCsfuw00000005sg00000000cskw
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 50 70 5d 5b 45 65 5d 5b 4e 6e 5d 5b 53 73 5d 5b 54 74 5d 5b 41 61 5d 5b 43 63 5d 5b 4b 6b 5d 20 5b 46 66 5d 5b 4f 6f 5d 5b 55 75 5d 5b 4e 6e 5d 5b 44 64 5d 5b 41 61 5d 5b 54 74 5d 5b 49 69 5d 5b 4f 6f 5d 5b 4e 6e 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120659" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120657" /> <SR T="2" R="([Oo][Pp][Ee][Nn][Ss][Tt][Aa][Cc][Kk] [Ff][Oo][Uu][Nn][Dd][Aa][Tt][Ii][Oo][Nn])"> <S T="1" F="1" M="I


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                62192.168.2.54977513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC192OUTGET /rules/rule120657v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:49 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:57 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9FF95F80"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a7625850-801e-007b-654c-3ce7ab000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111449Z-15b8b599d88wn9hhhC1TEBry0g00000004dg000000007be1
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:49 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 35 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4e 6e 5d 5b 55 75 5d 5b 54 74 5d 5b 41 61 5d 5b 4e 6e 5d 5b 49 69 5d 5b 58 78 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120657" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120655" /> <SR T="2" R="([Nn][Uu][Tt][Aa][Nn][Ii][Xx])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                63192.168.2.54977813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC192OUTGET /rules/rule120660v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC491INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 485
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB9769355"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c63dd3a8-001e-0017-61d8-3d0c3c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111451Z-178bfbc474bv7whqhC1NYC1fg400000005zg0000000013mk
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC485INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120660" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                64192.168.2.54978013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC192OUTGET /rules/rule120662v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 470
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBB181F65"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 43d09947-101e-005a-2421-3c882b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111451Z-178bfbc474bwlrhlhC1NYCy3kg00000005w0000000006p2v
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC470INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120662" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                65192.168.2.54977913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC192OUTGET /rules/rule120661v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 411
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B989AF051"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 961908b5-401e-0016-178c-3a53e0000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111451Z-178bfbc474bpnd5vhC1NYC4vr400000005y000000000347g
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC411INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 35 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 4f 6f 5d 5b 56 76 5d 5b 49 69 5d 5b 52 72 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120661" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120659" /> <SR T="2" R="([Oo][Vv][Ii][Rr][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                66192.168.2.54978213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC192OUTGET /rules/rule120664v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 502
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:35 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB6A0D312"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5c70d6ce-001e-00ad-368c-3a554b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111451Z-174c587ffdfmlsmvhC1TEBvyks00000004d000000000h9zb
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC502INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120664" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                67192.168.2.54978113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC192OUTGET /rules/rule120663v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB556A907"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2145ee07-e01e-003c-0347-3cc70b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111451Z-15b8b599d88g5tp8hC1TEByx6w000000049000000000b1s9
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:51 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 41 61 5d 5b 52 72 5d 5b 41 61 5d 5b 4c 6c 5d 5b 4c 6c 5d 5b 45 65 5d 5b 4c 6c 5d 5b 53 73 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120663" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120661" /> <SR T="2" R="([Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll][Ss])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                68192.168.2.54978334.117.223.2234434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:52 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 329
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:52 UTC329OUTData Raw: 0a c6 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 85 01 0a 03 3b 06 03 10 ca ab 98 f4 0c 28 d7 04 5a 73 08 0a 10 00 18 e5 94 01 20 01 28 00 32 24 66 36 66 65 39 66 30 61 2d 35 31 33 38 2d 34 37 37 63 2d 62 37 34 61 2d 37 63 36 33 62 35 35 34 65 62 33 39 38 00 42 2c 50 48 58 4a 2d 51 43 4d 51 2d 49 59 49 32 2d 33 44 34 56 2d 59 56 5a 42 2d 48 57 38 50 2d 53 45 45 48 2d 5a 4d 49 34 2d 35 5a 37 45 48 01 52 00 58 00 60 32 6a 00 72 00 78 00 82 01 00 60 01 22 46 12 0a 36 2e 33 30 2e 31
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a;(Zs (2$f6fe9f0a-5138-477c-b74a-7c63b554eb398B,PHXJ-QCMQ-IYI2-3D4V-YVZB-HW8P-SEEH-ZMI4-5Z7EHRX`2jrx`"F6.30.1
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:52 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:52 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:52 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                69192.168.2.54978434.111.175.1024436300C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:52 UTC155OUTGET /v2/info HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: CCleaner Update Agent
                                                                                                                                                                                                                                                                                                                                                                                Host: ip-info.ff.avast.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:53 UTC450INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                content-type: application/json
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 338
                                                                                                                                                                                                                                                                                                                                                                                vary: origin, access-control-request-method, access-control-request-headers
                                                                                                                                                                                                                                                                                                                                                                                vary: origin, access-control-request-method, access-control-request-headers
                                                                                                                                                                                                                                                                                                                                                                                access-control-allow-credentials: true
                                                                                                                                                                                                                                                                                                                                                                                x-gen-trace-id: 45130351-4c0e-419a-b4e9-f96be9170573
                                                                                                                                                                                                                                                                                                                                                                                date: Sun, 24 Nov 2024 11:14:52 GMT
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:53 UTC338INData Raw: 7b 22 61 73 6e 4e 75 6d 62 65 72 22 3a 33 33 35 36 2c 22 61 73 6e 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 3a 22 4c 45 56 45 4c 33 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 22 4e 41 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 37 35 22 2c 22 69 73 70 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 34 30 2e 37 31 32 33 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 37 34 2e 30 30 36 38 2c 22 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 3a 22 43 65 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: {"asnNumber":3356,"asnOrganization":"LEVEL3","city":"New York","continent":"North America","continentCode":"NA","country":"US","countryName":"United States","ip":"8.46.123.75","isp":"CenturyLink","latitude":40.7123,"longitude":-74.0068,"organization":"Cen


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                70192.168.2.54978513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:53 UTC192OUTGET /rules/rule120665v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 407
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:52 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B9D30478D"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 390d82dd-f01e-0071-4371-3c431c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111454Z-174c587ffdf8lw6dhC1TEBkgs8000000047000000000p04f
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC407INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 50 70 5d 5b 53 73 5d 5b 53 73 5d 5b 43 63 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120665" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120663" /> <SR T="2" R="([Pp][Ss][Ss][Cc])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                71192.168.2.54978613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:53 UTC192OUTGET /rules/rule120666v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3F48DAE"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3b3ce442-a01e-001e-3708-3d49ef000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111454Z-178bfbc474bvjk8shC1NYC83ns00000005pg0000000091ns
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120666" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                72192.168.2.54978813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:53 UTC192OUTGET /rules/rule120668v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 469
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:30 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB3CAEBB8"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9479b36f-f01e-0020-340e-3e956b000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111454Z-178bfbc474bfw4gbhC1NYCunf400000005xg000000004s6e
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC469INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120668" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                73192.168.2.54978713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC192OUTGET /rules/rule120667v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 408
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB9B6040B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6e54758c-301e-0020-321b-3d6299000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111454Z-178bfbc474bq2pr7hC1NYCkfgg0000000630000000002wqn
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC408INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 51 71 5d 5b 45 65 5d 5b 4d 6d 5d 5b 55 75 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120667" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120665" /> <SR T="2" R="^([Qq][Ee][Mm][Uu])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                74192.168.2.54979034.117.223.2234431272C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 236
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC236OUTData Raw: 0a e9 01 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 29 0a 03 3b 09 01 10 d6 aa 98 f4 0c 28 d7 04 5a 17 08 99 3d 12 08 0a 04 48 4b 4c 4d 10 06 12 08 0a 04 48 4b 43 55 10 06 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30 39 2c 20 55 42 52 20 32 30 30 36 2c 20 78 36 34 29 38 68 40 00 48 f6 04 40 12 52 08 08 01 10 ab 95 8c ba 06
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a);(Z=HKLMHKCU`"F6.30.11385"/10.0 (Build 19045, Release 2009, UBR 2006, x64)8h@H@R
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                75192.168.2.54979234.117.223.2234434500C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 230
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC230OUTData Raw: 0a e3 01 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 23 0a 03 3b 09 01 10 ce ab 98 f4 0c 28 d7 04 5a 11 08 bf 65 12 0c 0a 08 32 30 32 34 31 31 32 34 10 02 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30 39 2c 20 55 42 52 20 32 30 30 36 2c 20 78 36 34 29 38 68 40 00 48 f6 04 40 12 52 08 08 01 10 e7 95 8c ba 06
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a#;(Ze20241124`"F6.30.11385"/10.0 (Build 19045, Release 2009, UBR 2006, x64)8h@H@R
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                76192.168.2.54978913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC192OUTGET /rules/rule120669v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 416
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:32 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5284CCE"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 376cbe9f-601e-00ab-3b11-3d66f4000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111454Z-178bfbc474bscnbchC1NYCe7eg000000061g000000005p9p
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:54 UTC416INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 36 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 52 72 5d 5b 45 65 5d 5b 44 64 5d 20 5b 48 68 5d 5b 41 61 5d 5b 54 74 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120669" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120667" /> <SR T="2" R="([Rr][Ee][Dd] [Hh][Aa][Tt])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="tr


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                77192.168.2.54979834.117.223.2234431272C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:55 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 247
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:55 UTC247OUTData Raw: 0a f4 01 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 34 0a 03 3b 09 01 10 d6 aa 98 f4 0c 28 d7 04 5a 22 08 c9 34 12 1d 0a 19 50 6e 61 63 6c 54 72 61 6e 73 6c 61 74 69 6f 6e 43 61 63 68 65 53 69 7a 65 10 00 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30 39 2c 20 55 42 52 20 32 30 30 36 2c 20 78 36 34 29 38 68 40 00 48 f6 04 40 12 52 08 08 01 10 ad 95 8c ba 06
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a4;(Z"4PnaclTranslationCacheSize`"F6.30.11385"/10.0 (Build 19045, Release 2009, UBR 2006, x64)8h@H@R
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                78192.168.2.54979513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC192OUTGET /rules/rule120670v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B91EAD002"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7a39f588-d01e-0014-712e-3ded58000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111456Z-178bfbc474bp8mkvhC1NYCzqnn00000005p00000000092qu
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120670" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                79192.168.2.54979613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC192OUTGET /rules/rule120671v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 432
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:15 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BAABA2A10"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 23cbbb45-601e-0084-4e3d-3c6b3f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111456Z-15b8b599d889fz52hC1TEB59as000000047000000000gaum
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC432INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 36 39 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 5e 28 5b 53 73 5d 5b 55 75 5d 5b 50 70 5d 5b 45 65 5d 5b 52 72 5d 5b 4d 6d 5d 5b 49 69 5d 5b 43 63 5d 5b 52 72 5d 5b 4f 6f 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120671" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120669" /> <SR T="2" R="^([Ss][Uu][Pp][Ee][Rr][Mm][Ii][Cc][Rr][Oo])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                80192.168.2.54979713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC192OUTGET /rules/rule120672v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 475
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA740822"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5c8e7bca-d01e-0049-4f4b-3ce7dc000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111456Z-15b8b599d885v8r9hC1TEB104g00000004cg000000008zmu
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC475INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120672" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                81192.168.2.54979913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC192OUTGET /rules/rule120673v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 427
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:31 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB464F255"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f5c58262-401e-00ac-04df-3d0a97000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111456Z-178bfbc474btrnf9hC1NYCb80g00000005y000000000bq10
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 33 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 54 74 5d 5b 48 68 5d 5b 49 69 5d 5b 4e 6e 5d 5b 50 70 5d 5b 55 75 5d 5b 54 74 5d 5b 45 65 5d 5b 52 72 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120673" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120671" /> <SR T="2" R="([Tt][Hh][Ii][Nn][Pp][Uu][Tt][Ee][Rr])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                82192.168.2.54980013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:56 UTC192OUTGET /rules/rule120674v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:57 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:57 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 474
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA4037B0D"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3aa21312-901e-0016-730f-3defe9000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111457Z-15b8b599d889gj5whC1TEBfyk0000000044g00000000ar9d
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:57 UTC474INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120674" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                83192.168.2.54980335.190.209.224435912C:\Program Files\CCleaner\CCleanerBugReport.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:57 UTC166OUTPOST /V1/MD HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 279
                                                                                                                                                                                                                                                                                                                                                                                Host: winqual.sb.avast.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:57 UTC279OUTData Raw: 0a 16 0a 14 81 e5 b1 d9 be 38 11 ea d0 e1 ad e0 6c 86 28 bb a9 39 43 5e 12 4e 0a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 52 04 ff ff ff ff 5a 20 1f 2c ca d3 81 26 56 c4 93 06 08 33 7c 4f b4 a5 da 92 02 de 17 af 56 56 47 70 2a 83 e3 fc f3 b0 20 00 28 01 30 cf c9 8c ba 06 3a a0 01 0a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 0a 36 2e 33 30 2e 31 31 33 38 35 1a 0c 31 30 2e 30 2e 31 39 30 34 35 20 30 38 01 40 00 48 00 5a 00 62 00 68 02 70 b4 01 8a 01 20 1f 2c ca d3 81 26 56 c4 93 06 08 33 7c 4f b4 a5 da 92 02 de 17 af 56 56 47 70 2a 83 e3 fc f3 b0 90 01 00 9a 01 28 4c 4f 47 5c 75 6e 70 33 31 31 34 35 35 37 30 33 36 34
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 8l(9C^N$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72aRZ ,&V3|OVVGp* (0:$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a6.30.1138510.0.19045 08@HZbhp ,&V3|OVVGp*(LOG\unp31145570364
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC150INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 21
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC21INData Raw: 12 02 08 00 1a 0f 4e 6f 74 20 69 6e 20 46 72 61 63 74 69 6f 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Not in Fraction


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                84192.168.2.54980513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC192OUTGET /rules/rule120676v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 472
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B984BF177"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 1a92378f-b01e-005c-6f7b-3b4c66000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111458Z-174c587ffdfcb7qhhC1TEB3x7000000004eg0000000074kv
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC472INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 36 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120676" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                85192.168.2.54980413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC192OUTGET /rules/rule120675v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 419
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA6CF78C8"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a5f5ebba-f01e-003f-29f6-3cd19d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111458Z-178bfbc474bq2pr7hC1NYCkfgg00000006400000000015ug
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC419INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 35 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5b 55 75 5d 5b 50 70 5d 5b 43 63 5d 5b 4c 6c 5d 5b 4f 6f 5d 5b 55 75 5d 5b 44 64 5d 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120675" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120673" /> <SR T="2" R="([Uu][Pp][Cc][Ll][Oo][Uu][Dd])"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                86192.168.2.54980613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC192OUTGET /rules/rule120677v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 405
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:37 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B942B6AFF"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 964846c7-701e-001e-36c3-3bf5e6000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111458Z-174c587ffdf8lw6dhC1TEBkgs800000004ag00000000au40
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 37 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 35 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 52 20 54 3d 22 32 22 20 52 3d 22 28 5e 5b 58 78 5d 5b 45 65 5d 5b 4e 6e 5d 24 29 22 3e 0d 0a 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 31 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 3c 2f 53 52 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22 57 22 20 49 3d 22 30 22 20 4f 3d 22 74 72 75 65 22 3e 0d 0a 20 20 20 20 3c
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120677" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120675" /> <SR T="2" R="(^[Xx][Ee][Nn]$)"> <S T="1" F="1" M="Ignore" /> </SR> </S> <C T="W" I="0" O="true"> <


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                87192.168.2.54980713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC192OUTGET /rules/rule120678v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 468
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BBA642BF4"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 26217b89-b01e-001e-808c-3a0214000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111458Z-178bfbc474btvfdfhC1NYCa2en00000005w000000000a5q8
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:58 UTC468INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 38 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120678" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                88192.168.2.54980813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:59 UTC192OUTGET /rules/rule120679v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:59 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:14:59 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 174
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B91D80E15"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 5a5a0c5e-c01e-0079-588c-3ae51a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111459Z-174c587ffdf59vqchC1TEByk6800000004dg00000000fwne
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:14:59 UTC174INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 37 39 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 37 37 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 54 3e 0d 0a 20 20 20 20 3c 53 20 54 3d 22 31 22 20 2f 3e 0d 0a 20 20 3c 2f 54 3e 0d 0a 3c 2f 52 3e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120679" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120677" /> </S> <T> <S T="1" /> </T></R>


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                89192.168.2.54981035.190.209.224435912C:\Program Files\CCleaner\CCleanerBugReport.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:00 UTC166OUTPOST /V1/MD HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 302
                                                                                                                                                                                                                                                                                                                                                                                Host: winqual.sb.avast.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:00 UTC302OUTData Raw: 0a 16 0a 14 1b f0 e0 ed e6 57 ce e8 40 28 07 ee 13 27 72 0b 99 da 99 72 12 4e 0a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 52 04 ff ff ff ff 5a 20 1f 2c ca d3 81 26 56 c4 93 06 08 33 7c 4f b4 a5 da 92 02 de 17 af 56 56 47 70 2a 83 e3 fc f3 b0 20 00 28 01 30 d2 c9 8c ba 06 3a b7 01 0a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 0a 36 2e 33 30 2e 31 31 33 38 35 1a 0c 31 30 2e 30 2e 31 39 30 34 35 20 30 38 66 40 f2 49 48 a4 93 99 f4 0c 5a 00 62 00 68 02 70 b4 01 8a 01 20 1f 2c ca d3 81 26 56 c4 93 06 08 33 7c 4f b4 a5 da 92 02 de 17 af 56 56 47 70 2a 83 e3 fc f3 b0 90 01 00 9a 01 11 4c 4f 47 5c 42 75 67 52 65 70 6f 72 74
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: W@('rrN$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72aRZ ,&V3|OVVGp* (0:$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a6.30.1138510.0.19045 08f@IHZbhp ,&V3|OVVGp*LOG\BugReport
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC150INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:00 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 21
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC21INData Raw: 12 02 08 00 1a 0f 4e 6f 74 20 69 6e 20 46 72 61 63 74 69 6f 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Not in Fraction


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                90192.168.2.54981113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC192OUTGET /rules/rule120680v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1952
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B956B0F3D"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: a1757a3c-c01e-0034-7811-3d2af6000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111501Z-178bfbc474bwh9gmhC1NYCy3rs00000005zg000000004x8m
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC1952INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 31 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 32 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 4c 54 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120680" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <SS T="1" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> <R T="2" R="120682" /> <F T="3"> <O T="LT"> <L>


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                91192.168.2.54981213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC192OUTGET /rules/rule120681v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 958
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:58 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BA0A31B3B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 28a3992e-001e-0028-777f-3bc49f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111501Z-174c587ffdftv9hphC1TEBm29w00000004ag000000004wy5
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC958INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 30 38 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 36 38 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 33 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 41 4e 44 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120681" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120608" /> <R T="2" R="120680" /> <TH T="3"> <O T="AND"> <L> <O T="EQ"> <L>


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                92192.168.2.54981313.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC192OUTGET /rules/rule120682v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 501
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:18 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BACFDAACD"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 2c6bdbd8-801e-0035-0204-3e752a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111501Z-178bfbc474bv7whqhC1NYC1fg400000005ug000000008r8m
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC501INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 38 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 44 43 61 3d 22 50 53 55 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 41 20 54 3d 22 31 22 20 45 3d 22 54 65 6c 65 6d 65 74 72 79 53 74 61 72 74 75 70 22 20 2f 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 32 22 20 52 3d 22 31 32 30 31 30 30 22 20 2f 3e 0d 0a 20 20 20 20 3c 53 53 20 54 3d 22 33 22 20 47 3d 22 7b 62 31 36 37 36 61 63 33 2d 37 66 65 65 2d 34 34 61 39 2d 39 61 30 65 2d 64 62 62 30 62 34 39 36 65 66 61 35 7d 22 20 2f 3e 0d 0a 20 20 3c 2f 53 3e 0d 0a 20 20 3c 43 20 54 3d 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120682" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <A T="1" E="TelemetryStartup" /> <R T="2" R="120100" /> <SS T="3" G="{b1676ac3-7fee-44a9-9a0e-dbb0b496efa5}" /> </S> <C T="


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                93192.168.2.54981413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC193OUTGET /rules/rule120602v10s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 2592
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:26:33 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BB5B890DB"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: bc0c8c97-701e-0053-1e45-3c3a0a000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111501Z-178bfbc474bbcwv4hC1NYCypys00000005r0000000006unn
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC2592INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 32 22 20 56 3d 22 31 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 41 70 70 6c 69 63 61 74 69 6f 6e 41 6e 64 4c 61 6e 67 75 61 67 65 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120602" V="10" DC="SM" EN="Office.System.SystemHealthMetadataApplicationAndLanguage" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                94192.168.2.54981513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC192OUTGET /rules/rule120601v3s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:02 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 3342
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:25:34 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582B927E47E9"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: abaf503b-901e-0064-2b47-3ce8a6000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111501Z-178bfbc474bw8bwphC1NYC38b400000005t0000000002t1g
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:02 UTC3342INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 30 31 22 20 56 3d 22 33 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 53 79 73 74 65 6d 48 65 61 6c 74 68 4d 65 74 61 64 61 74 61 4f 53 22 20 41 54 54 3d 22 63 64 38 33 36 36 32 36 36 31 31 63 34 63 61 61 61 38 66 63 35 62 32 65 37 32 38 65 65 38 31 64 2d 33 62 36 64 36 63 34 35 2d 36 33 37 37 2d 34 62 66 35 2d 39 37 39 32 2d 64 62 66 38 65 31 38 38 31 30 38 38 2d 37 35 32 31 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 44 43 61 3d 22 44 43 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120601" V="3" DC="SM" EN="Office.System.SystemHealthMetadataOS" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalBusinessImpact" DL="A" DCa="DC" xmlns=""> <RI


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                95192.168.2.54981634.111.175.1024434220C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:01 UTC155OUTGET /v2/info HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: CCleaner Update Agent
                                                                                                                                                                                                                                                                                                                                                                                Host: ip-info.ff.avast.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:02 UTC450INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                content-type: application/json
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 338
                                                                                                                                                                                                                                                                                                                                                                                vary: origin, access-control-request-method, access-control-request-headers
                                                                                                                                                                                                                                                                                                                                                                                vary: origin, access-control-request-method, access-control-request-headers
                                                                                                                                                                                                                                                                                                                                                                                access-control-allow-credentials: true
                                                                                                                                                                                                                                                                                                                                                                                x-gen-trace-id: fd102f10-febe-40b6-aec2-d4de961e1498
                                                                                                                                                                                                                                                                                                                                                                                date: Sun, 24 Nov 2024 11:15:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:02 UTC338INData Raw: 7b 22 61 73 6e 4e 75 6d 62 65 72 22 3a 33 33 35 36 2c 22 61 73 6e 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 3a 22 4c 45 56 45 4c 33 22 2c 22 63 69 74 79 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 6f 72 74 68 20 41 6d 65 72 69 63 61 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 43 6f 64 65 22 3a 22 4e 41 22 2c 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 63 6f 75 6e 74 72 79 4e 61 6d 65 22 3a 22 55 6e 69 74 65 64 20 53 74 61 74 65 73 22 2c 22 69 70 22 3a 22 38 2e 34 36 2e 31 32 33 2e 37 35 22 2c 22 69 73 70 22 3a 22 43 65 6e 74 75 72 79 4c 69 6e 6b 22 2c 22 6c 61 74 69 74 75 64 65 22 3a 34 30 2e 37 31 32 33 2c 22 6c 6f 6e 67 69 74 75 64 65 22 3a 2d 37 34 2e 30 30 36 38 2c 22 6f 72 67 61 6e 69 7a 61 74 69 6f 6e 22 3a 22 43 65 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: {"asnNumber":3356,"asnOrganization":"LEVEL3","city":"New York","continent":"North America","continentCode":"NA","country":"US","countryName":"United States","ip":"8.46.123.75","isp":"CenturyLink","latitude":40.7123,"longitude":-74.0068,"organization":"Cen


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                96192.168.2.54982613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC193OUTGET /rules/rule224901v11s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 2284
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:13 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BCD58BEEE"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ce6cb833-501e-007b-514e-3c5ba2000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111503Z-15b8b599d88wk8w4hC1TEB14b800000004f0000000002yyp
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC2284INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 32 32 34 39 30 31 22 20 56 3d 22 31 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 4c 69 63 65 6e 73 69 6e 67 2e 4f 66 66 69 63 65 43 6c 69 65 6e 74 4c 69 63 65 6e 73 69 6e 67 2e 44 6f 4c 69 63 65 6e 73 65 56 61 6c 69 64 61 74 69 6f 6e 22 20 41 54 54 3d 22 63 31 61 30 64 62 30 31 32 37 39 36 34 36 37 34 61 30 64 36 32 66 64 65 35 61 62 30 66 65 36 32 2d 36 65 63 34 61 63 34 35 2d 63 65 62 63 2d 34 66 38 30 2d 61 61 38 33 2d 62 36 62 39 64 33 61 38 36 65 64 37 2d 37 37 31 39 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 43 65 6e 73 75 73 22 20 54 3d 22 55 70 6c 6f 61 64 2d 4d 65 64 69 75 6d 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="224901" V="11" DC="SM" EN="Office.Licensing.OfficeClientLicensing.DoLicenseValidation" ATT="c1a0db0127964674a0d62fde5ab0fe62-6ec4ac45-cebc-4f80-aa83-b6b9d3a86ed7-7719" SP="CriticalCensus" T="Upload-Medium"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                97192.168.2.54982813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC192OUTGET /rules/rule701200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1356
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDC681E17"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9c4c3b32-001e-0028-37e2-3dc49f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111503Z-15b8b599d88g5tp8hC1TEByx6w000000049g00000000aq7t
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                98192.168.2.54982713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC192OUTGET /rules/rule701201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1393
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:51 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE3E55B6E"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: d2879cce-801e-0047-5869-3b7265000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111503Z-178bfbc474bw8bwphC1NYC38b400000005ug0000000007n3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 58 61 6d 6c 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 58 61 6d 6c 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Xaml.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenXaml"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                99192.168.2.54982534.117.223.2234433276C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 300
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC300OUTData Raw: 0a a9 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 69 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 57 0a 13 55 70 64 61 74 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72ai;(ZWUpdateNotificationsActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Re
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                100192.168.2.54982913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC192OUTGET /rules/rule700201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:04 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1393
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:50 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE39DFC9B"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3994331f-f01e-0071-696c-3b431c000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111504Z-174c587ffdfcj798hC1TEB9bq400000004k0000000004vm6
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC1393INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord"


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                101192.168.2.54983013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:03 UTC192OUTGET /rules/rule700200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:04 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1356
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF66E42D"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 923400a1-601e-005c-187f-3bf06f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111504Z-174c587ffdfn4nhwhC1TEB2nbc00000004dg00000000a6b3
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:04 UTC1356INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 57 6f 72 64 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 57 6f 72 64 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Word" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenWord" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                102192.168.2.54983713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC192OUTGET /rules/rule701251v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:05 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1395
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:41 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDE12A98D"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: aaf9eac1-201e-0000-4977-3ba537000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111505Z-174c587ffdfldtt2hC1TEBwv9c000000046g0000000081xb
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701251" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisi


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                103192.168.2.54983413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC192OUTGET /rules/rule702350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:05 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1358
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:54 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE6431446"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: fde4123d-901e-00a0-613d-3c6a6d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111505Z-178bfbc474bmqmgjhC1NYCy16c00000005zg000000004fzb
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoice" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                104192.168.2.54983513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC192OUTGET /rules/rule702351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:05 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1395
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE017CAD3"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 1a87898e-001e-002b-2066-3b99f2000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111505Z-178bfbc474bscnbchC1NYCe7eg000000061g000000005pq6
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC1395INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 6f 69 63 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 6f 69 63
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Voice.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVoic


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                105192.168.2.54984034.117.223.2234433276C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 292
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC292OUTData Raw: 0a a1 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 61 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 4f 0a 0b 41 75 74 6f 55 70 64 61 74 65 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72aa;(ZOAutoUpdatesActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Release 20
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:06 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                106192.168.2.5498394.245.163.56443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:05 UTC306OUTGET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=GRl3eG9fkn88GgF&MD=UgZxxMnN HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                                                                                                                Host: slscr.update.microsoft.com
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC560INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Expires: -1
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
                                                                                                                                                                                                                                                                                                                                                                                MS-CorrelationId: 62695028-74db-4a23-bfa9-88d53f957af2
                                                                                                                                                                                                                                                                                                                                                                                MS-RequestId: bd7e3145-d8ed-4d13-94eb-427dc9ff0beb
                                                                                                                                                                                                                                                                                                                                                                                MS-CV: +Ww7pPmZ1kqPzHFD.0
                                                                                                                                                                                                                                                                                                                                                                                X-Microsoft-SLSClientCache: 1440
                                                                                                                                                                                                                                                                                                                                                                                Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:05 GMT
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 30005
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC15824INData Raw: 4d 53 43 46 00 00 00 00 8d 2b 00 00 00 00 00 00 44 00 00 00 00 00 00 00 03 01 01 00 01 00 04 00 5b 49 00 00 14 00 00 00 00 00 10 00 8d 2b 00 00 a8 49 00 00 00 00 00 00 00 00 00 00 64 00 00 00 01 00 01 00 72 4d 00 00 00 00 00 00 00 00 00 00 00 00 80 00 65 6e 76 69 72 6f 6e 6d 65 6e 74 2e 63 61 62 00 fe f6 51 be 21 2b 72 4d 43 4b ed 7c 05 58 54 eb da f6 14 43 49 37 0a 02 d2 b9 86 0e 41 52 a4 1b 24 a5 bb 43 24 44 18 94 90 92 52 41 3a 05 09 95 ee 54 b0 00 91 2e e9 12 10 04 11 c9 6f 10 b7 a2 67 9f bd cf 3e ff b7 ff b3 bf 73 ed e1 9a 99 f5 c6 7a d7 bb de f5 3e cf fd 3c f7 dc 17 4a 1a 52 e7 41 a8 97 1e 14 f4 e5 25 7d f4 05 82 82 c1 20 30 08 06 ba c3 05 02 11 7f a9 c1 ff d2 87 5c 1e f4 ed 65 8e 7a 1f f6 0a 40 03 1d 7b f9 83 2c 1c 2f db b8 3a 39 3a 58 38 ba 73 5e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: MSCF+D[I+IdrMenvironment.cabQ!+rMCK|XTCI7AR$C$DRA:T.og>sz><JRA%} 0\ez@{,/:9:X8s^
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC14181INData Raw: 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 26 30 24 06 03 55 04 03 13 1d 4d 69 63 72 6f 73 6f 66 74 20 54 69 6d 65 2d 53 74 61 6d 70 20 50 43 41 20 32 30 31 30 30 1e 17 0d 32 33 31 30 31 32 31 39 30 37 32 35 5a 17 0d 32 35 30 31 31 30 31 39 30 37 32 35 5a 30 81 d2 31 0b 30 09 06 03 55 04 06 13 02 55 53 31 13 30 11 06 03 55 04 08 13 0a 57 61 73 68 69 6e 67 74 6f 6e 31 10 30 0e 06 03 55 04 07 13 07 52 65 64 6d 6f 6e 64 31 1e 30 1c 06 03 55 04 0a 13 15 4d 69 63 72 6f 73 6f 66 74 20 43 6f 72 70 6f 72 61 74 69 6f 6e 31 2d 30 2b 06 03 55 04 0b 13 24 4d 69 63 72 6f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: UUS10UWashington10URedmond10UMicrosoft Corporation1&0$UMicrosoft Time-Stamp PCA 20100231012190725Z250110190725Z010UUS10UWashington10URedmond10UMicrosoft Corporation1-0+U$Micro


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                107192.168.2.54984113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC192OUTGET /rules/rule701250v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:06 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1358
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE022ECC5"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 45336a67-c01e-0014-2f6a-3ca6a3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111506Z-174c587ffdfx984chC1TEB676g00000004d0000000004hvf
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC1358INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 32 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 56 69 73 69 6f 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 56 69 73 69 6f 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701250" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Visio" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenVisio" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                108192.168.2.54984213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC192OUTGET /rules/rule700051v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:06 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1389
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE10A6BC1"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7e238ec3-901e-00ac-3dfe-3cb69e000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111506Z-178bfbc474bwlrhlhC1NYCy3kg00000005y0000000003n5n
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:06 UTC1389INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700051" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                109192.168.2.54984513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC192OUTGET /rules/rule700050v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:07 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1352
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE9DEEE28"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 64a4ee2c-301e-0099-6775-3b6683000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111507Z-178bfbc474brk967hC1NYCfu6000000005s00000000030nm
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC1352INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 30 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 55 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 55 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700050" V="1" DC="SM" EN="Office.Telemetry.Event.Office.UX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenUX" S="Medium" /> <F T="2"> <O T


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                110192.168.2.54985134.117.223.2234433276C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 291
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC291OUTData Raw: 0a a0 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 60 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 4e 0a 0a 53 6d 61 72 74 43 6c 65 61 6e 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a`;(ZNSmartCleanActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Release 200
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                111192.168.2.54984934.117.223.2234432992C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 300
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC300OUTData Raw: 0a a9 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 69 0a 03 3b 03 01 10 ae ab 98 f4 0c 28 d7 04 5a 57 0a 13 55 70 64 61 74 65 4e 6f 74 69 66 69 63 61 74 69 6f 6e 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 02 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72ai;(ZWUpdateNotificationsActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Re
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                112192.168.2.54984713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC192OUTGET /rules/rule702950v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1368
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDDC22447"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f18ba134-001e-008d-7b76-3bd91e000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111508Z-15b8b599d8885prmhC1TEBsnkw00000004f0000000008c01
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC1368INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 72 61 6e 73 6c 61 74 6f 72 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702950" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTranslator" S="Medium" /> <F T=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                113192.168.2.54984613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:07 UTC192OUTGET /rules/rule702951v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1405
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE12B5C71"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: b43d4aba-301e-0020-1845-3c6299000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111508Z-15b8b599d88phfhnhC1TEBr51n00000004f0000000008vy2
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC1405INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 39 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 72 61 6e 73 6c 61 74 6f 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702951" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Translator.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToke


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                114192.168.2.54985013.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC192OUTGET /rules/rule701151v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1401
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE055B528"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 07391f24-a01e-0032-508c-3a1949000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111508Z-178bfbc474bmqmgjhC1NYCy16c00000005x00000000090cf
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701151" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextA


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                115192.168.2.54985213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC192OUTGET /rules/rule701150v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1364
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:46 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE1223606"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6d656984-c01e-008d-0d1b-3d2eec000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111508Z-178bfbc474btvfdfhC1NYCa2en00000005wg00000000924q
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 31 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 78 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 78 74 41 6e 64 46 6f 6e 74 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701150" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Text" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTextAndFonts" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                116192.168.2.549856104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC576OUTGET /consent/831b8ee0-e952-49a5-af6b-01382c722774/OtAutoBlock.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                                                                Referer: https://www.ccleaner.com/
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC987INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                CF-Ray: 8e78fabc08148c2f-EWR
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Age: 2521
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                Expires: Mon, 25 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 13 Aug 2024 14:30:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: KQnH3XO6FDi+7xN6YpnIfg==
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9b2d54fe-c01e-007c-7e4c-260ebf000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC382INData Raw: 37 62 63 36 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 64 29 7b 76 61 72 20 67 3d 5b 5d 2c 61 3d 5b 5d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 66 6f 72 28 76 61 72 20 62 3d 7b 7d 2c 65 3d 30 3b 65 3c 7a 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 7b 76 61 72 20 68 3d 7a 5b 65 5d 3b 69 66 28 68 2e 54 61 67 3d 3d 3d 63 29 7b 62 3d 68 3b 62 72 65 61 6b 7d 76 61 72 20 6b 3d 28 72 3d 68 2e 54 61 67 2c 74 3d 78 3d 6c 3d 76 6f 69 64 20 30 2c 6c 3d 2d 31 21 3d 3d 28 74 3d 72 29 2e 69 6e 64 65 78 4f 66 28 22 68 74 74 70 3a 22 29 3f 74 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 3a 22 2c 22 22 29 3a 74 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 22 2c 22 22 29 2c 2d 31 21 3d 3d 28 78 3d 6c 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 29 3f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 7bc6!function(){function n(d){var g=[],a=[],f=function(c){for(var b={},e=0;e<z.length;e++){var h=z[e];if(h.Tag===c){b=h;break}var k=(r=h.Tag,t=x=l=void 0,l=-1!==(t=r).indexOf("http:")?t.replace("http:",""):t.replace("https:",""),-1!==(x=l.indexOf("?"))?
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 43 61 74 65 67 6f 72 79 49 64 26 26 28 67 3d 66 2e 43 61 74 65 67 6f 72 79 49 64 29 2c 66 2e 56 65 6e 64 6f 72 26 26 28 61 3d 66 2e 56 65 6e 64 6f 72 2e 73 70 6c 69 74 28 22 3a 22 29 29 2c 21 66 2e 54 61 67 26 26 44 26 26 28 61 3d 67 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 61 22 29 3b 0a 6b 2e 68 72 65 66 3d 68 3b 68 3d 6b 2e 68 6f 73 74 6e 61 6d 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 72 65 74 75 72 6e 2d 31 21 3d 3d 68 2e 69 6e 64 65 78 4f 66 28 22 77 77 77 22 29 7c 7c 32 3c 68 2e 6c 65 6e 67 74 68 3f 68 2e 73 6c 69 63 65 28 31 29 2e 6a 6f 69 6e 28 22 2e 22 29 3a 6b 2e 68 6f 73 74 6e 61 6d 65 7d 28
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: CategoryId&&(g=f.CategoryId),f.Vendor&&(a=f.Vendor.split(":")),!f.Tag&&D&&(a=g=function(c){var b=[],e=function(h){var k=document.createElement("a");k.href=h;h=k.hostname.split(".");return-1!==h.indexOf("www")||2<h.length?h.slice(1).join("."):k.hostname}(
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 29 29 2c 2d 31 3d 3d 3d 67 2e 69 6e 64 65 78 4f 66 28 22 6f 74 2d 76 73 63 61 74 2d 22 2b 61 29 26 26 28 66 2b 3d 22 20 22 2b 28 22 6f 74 2d 76 73 63 61 74 2d 22 2b 61 29 2e 74 72 69 6d 28 29 29 2c 66 2b 22 20 22 2b 67 7d 76 61 72 20 7a 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 27 5b 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 72 69 70 74 2e 68 6f 74 6a 61 72 2e 63 6f 6d 2f 6d 6f 64 75 6c 65 73 2e 34 61 61 38 64 37 34 38 35 30 30 61 32 38 66 36 34 66 36 65 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 63 63 6c 65 61 6e 65 72 2e 73 70 65 65 64 74 65 73 74 63 75 73 74 6f 6d 2e 63 6f 6d 2f 22 2c 22 43 61 74 65 67 6f 72 79 49
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: )),-1===g.indexOf("ot-vscat-"+a)&&(f+=" "+("ot-vscat-"+a).trim()),f+" "+g}var z=JSON.parse('[{"Tag":"https://script.hotjar.com/modules.4aa8d748500a28f64f6e.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://ccleaner.speedtestcustom.com/","CategoryI
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 73 2e 62 63 61 30 64 31 63 32 38 32 38 35 34 31 32 62 62 36 38 39 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 70 69 78 70 69 70 65 6c 69 6e 65 2e 63 6f 6d 2f 73 74 2f 35 61 38 32 31 62 63 38 30 32 66 62 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 2f 65 6d 62 65 64 2f 6c 41 35 44 46 72 62 48 55 52 63 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: s.bca0d1c28285412bb689.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"http://pixpipeline.com/st/5a821bc802fb.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://www.youtube.com/embed/lA5DFrbHURc","CategoryId":["C0002","C0004"],"Vendor":null},{"T
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 63 6f 6e 73 65 6e 74 2f 69 61 62 63 68 65 63 6b 2f 47 5a 58 54 4e 52 57 41 55 4e 48 56 50 4d 34 34 42 4a 54 45 42 56 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 36 63 31 36 33 39 2d 31 34 33 39 34 32 33 39 38 34 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 2f 61 70 70 2f 68 65 6c 70 2d 63 65 6e 74 65 72 2d 63 6c 6f 73 65 64 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: consent/iabcheck/GZXTNRWAUNHVPM44BJTEBV","CategoryId":["C0004"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/6c1639-1439423984.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://www.zendesk.com/app/help-center-closed/","CategoryId":["C
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 33 30 38 30 35 30 36 31 61 36 61 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 70 69 72 69 66 6f 72 6d 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 2f 61 74 74 61 63 68 6d 65 6e 74 73 2f 74 6f 6b 65 6e 2f 4b 53 59 62 35 45 49 68 38 35 6f 33 48 4c 67 70 70 41 42 51 4e 74 68 57 38 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 33 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 63 2e 79 61 6e 64 65 78 2e 72 75 2f 6d 65 74 72 69 6b 61 2f 74 61 67 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 30805061a6a.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://piriform.zendesk.com/attachments/token/KSYb5EIh85o3HLgppABQNthW8/","CategoryId":["C0002","C0003","C0004"],"Vendor":null},{"Tag":"https://mc.yandex.ru/metrika/tag.js","CategoryId":["C000
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 64 63 32 35 32 66 32 36 32 35 36 65 34 33 34 35 34 35 64 64 35 34 30 36 32 38 34 38 64 39 64 2e 70 6e 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 70 72 6f 64 75 63 74 62 6f 61 72 64 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 70 6f 72 74 61 6c 2d 38 66 38 34 39 63 64 35 38 30 39 38 39 33 32 31 39 31 61 63 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 37 62 31 31 31 37 2d 31 34 33 34 31 33 35 35 37
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: dc252f26256e434545dd54062848d9d.png","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://cdn.productboard.com/assets/portal-8f849cd58098932191ac.js","CategoryId":["C0002","C0004"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/7b1117-143413557
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 30 30 35 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 34 32 62 35 34 65 2d 31 34 33 34 34 31 32 37 30 39 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 70 69 78 70 69 70 65 6c 69 6e 65 2e 63 6f 6d 2f 73 74 2f 39 66 61 65 38 66 38 32 62 66 64 36 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 69 64 65 61 73 2e 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 2f 63 2f 33 36 37 2d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 005"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/42b54e-1434412709.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"http://pixpipeline.com/st/9fae8f82bfd6.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://ideas.ccleaner.com/c/367-
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 2f 74 72 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 35 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 64 63 64 65 37 32 2d 31 34 33 39 30 34 39 32 39 33 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "https://www.googletagmanager.com/gtag/js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://www.facebook.com/tr/","CategoryId":["C0005"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/dcde72-1439049293.jpg","CategoryId":["C0004"],"Vendor":n
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 73 31 36 31 37 33 31 30 37 30 33 2e 74 2e 65 6c 6f 71 75 61 2e 63 6f 6d 2f 76 69 73 69 74 6f 72 2f 76 32 30 30 2f 73 76 72 47 50 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 69 64 65 61 73 2e 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 2f 63 2f 33 35 39 2d 69 6d 70 72 6f 76 65 2d 64 69 73 6b 2d 61 6e 61 6c 79 7a 65 72 2d 61 6e 64 2d 64 75 70 6c 69 63 61 74 65 2d 66 69 6c 65 2d 66 69 6e 64 65 72 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "],"Vendor":null},{"Tag":"https://s1617310703.t.eloqua.com/visitor/v200/svrGP","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://ideas.ccleaner.com/c/359-improve-disk-analyzer-and-duplicate-file-finder","CategoryId":["C0002"],"Vendor":null},{"Tag":"ht


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                117192.168.2.549857104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:08 UTC545OUTGET /scripttemplates/otSDKStub.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                                                                                                                Referer: https://www.ccleaner.com/
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC859INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: Vo/d0f3ZefkwyML/PnJnjg==
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Sat, 23 Nov 2024 02:51:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 57ee8ec9-501e-00fa-437b-3d5a6d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Age: 85945
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                CF-RAY: 8e78fabc4cc641de-EWR
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC510INData Raw: 35 37 61 65 0d 0a 76 61 72 20 4f 6e 65 54 72 75 73 74 53 74 75 62 3d 28 74 3d 3e 7b 76 61 72 20 61 2c 6f 2c 72 2c 65 2c 6c 3d 6e 65 77 20 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 4f 70 74 61 6e 6f 6e 43 6f 6e 73 65 6e 74 22 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 74 6d 6c 47 72 6f 75 70 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 6f 73 74 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 67 65 6e 56 65 6e 64 6f 72 73 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 76 65 6e 64 6f 72 73 53 65 72 76 69 63 65 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 49 41 42 43 6f 6f 6b 69 65 56 61 6c 75 65 3d 22 22 2c 74 68 69 73 2e 6f 6e 65 54 72 75 73 74 49 41 42 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 65 75 70 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 57aevar OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupu
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 22 2c 22 53 49 22 2c 22 53 4b 22 2c 22 46 49 22 2c 22 53 45 22 2c 22 47 42 22 2c 22 48 52 22 2c 22 4c 49 22 2c 22 4e 4f 22 2c 22 49 53 22 5d 2c 74 68 69 73 2e 73 74 75 62 46 69 6c 65 4e 61 6d 65 3d 22 6f 74 53 44 4b 53 74 75 62 22 2c 74 68 69 73 2e 44 41 54 41 46 49 4c 45 41 54 54 52 49 42 55 54 45 3d 22 64 61 74 61 2d 64 6f 6d 61 69 6e 2d 73 63 72 69 70 74 22 2c 74 68 69 73 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 42 61 6e 6e 65 72 53 64 6b 2e 6a 73 22 2c 74 68 69 73 2e 64 6f 6d 50 75 72 69 66 79 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 44 6f 6d 50 75 72 69 66 79 2e 6a 73 22 2c 74 68 69 73 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 3d 5b 5d 2c 74 68 69 73 2e 69 73 4d 69 67 72 61 74 65 64 55 52 4c 3d 21 31 2c 74 68 69 73 2e 6d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: ","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.m
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 6e 29 69 66 28 2f 3a 2f 2e 74 65 73 74 28 69 5b 6e 5d 29 29 7b 69 66 28 21 28 61 3d 69 5b 6e 5d 2e 73 70 6c 69 74 28 2f 3a 28 2e 2b 29 2f 29 29 5b 31 5d 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 5b 74 68 69 73 2e 63 61 6d 65 6c 69 7a 65 28 61 5b 30 5d 29 5d 3d 61 5b 31 5d 2e 74 72 69 6d 28 29 7d 72 65 74 75 72 6e 20 65 7d 2c 69 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 69 6d 70 6c 65 6d 65 6e 74 54 68 65 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 2c 6f 3d 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3b 72 65 74 75 72 6e 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3d 66 75 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: n)if(/:/.test(i[n])){if(!(a=i[n].split(/:(.+)/))[1])return null;e[this.camelize(a[0])]=a[1].trim()}return e},i);function i(){var t=this;this.implementThePolyfill=function(){var a=t,o=Element.prototype.setAttribute;return Element.prototype.setAttribute=fun
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 65 73 73 61 67 65 48 61 6e 64 6c 65 72 2c 21 31 29 2c 73 2e 61 64 64 46 72 61 6d 65 28 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 29 29 7d 2c 74 68 69 73 2e 72 65 6d 6f 76 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 69 66 72 61 6d 65 5b 6e 61 6d 65 3d 22 2b 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 2b 22 5d 22 29 5b 30 5d 3b 74 26 26 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 7d 2c 74 68 69 73 2e 65 78 65 63 75 74 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: essageHandler,!1),s.addFrame(s.LOCATOR_NAME))},this.removeGppApi=function(){delete s.win.__gpp;var t=document.querySelectorAll("iframe[name="+s.LOCATOR_NAME+"]")[0];t&&t.parentElement.removeChild(t)},this.executeGppApi=function(){for(var t=[],e=0;e<argume
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 29 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 2c 65 2e 6e 61 6d 65 3d 74 2c 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 74 69 74 6c 65 22 2c 22 47 50 50 20 4c 6f 63 61 74 6f 72 22 29 2c 69 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 61 64 64 46 72 61 6d 65 28 74 29 7d 2c 35 29 29 2c 21 6e 7d 2c 74 68 69 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 69 2c 6e 3d 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 72 65 74 75 72 6e 20 6e 2e 65 76 65 6e 74 73 3d 6e 2e 65 76 65 6e 74 73 7c 7c 5b 5d 2c 6e 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: reateElement("iframe")).style.cssText="display:none",e.name=t,e.setAttribute("title","GPP Locator"),i.body.appendChild(e)):setTimeout(function(){s.addFrame(t)},5)),!n},this.addEventListener=function(t,e){var i,n=s.win.__gpp;return n.events=n.events||[],nu
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 63 79 28 22 6f 74 2d 74 72 75 73 74 65 64 2d 74 79 70 65 2d 70 6f 6c 69 63 79 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 44 4f 4d 50 75 72 69 66 79 2e 73 61 6e 69 74 69 7a 65 28 74 29 7d 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 44 4f 4d 50 75 72 69 66 79 2e 73 61 6e 69 74 69 7a 65 28 74 29 7d 2c 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 69 3d 5b 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2c 6e 2e 68 6f 73 74 6e 61 6d 65 5d 3b 74 72 79 7b 65 3d 6e 65 77 20 55 52 4c 28 74 2c 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: cy("ot-trusted-type-policy",{createHTML:function(t){return window.DOMPurify.sanitize(t)},createScript:function(t){return window.DOMPurify.sanitize(t)},createScriptURL:function(t){var e,i=[document.location.hostname,n.hostname];try{e=new URL(t,location.ori
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 3d 6c 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 70 72 65 76 69 65 77 2d 6d 6f 64 65 22 29 2c 74 68 69 73 2e 6f 74 46 65 74 63 68 28 6c 2e 62 61 6e 6e 65 72 44 61 74 61 50 61 72 65 6e 74 55 52 4c 2c 74 68 69 73 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 2e 62 69 6e 64 28 74 68 69 73 29 29 7d 2c 66 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 44 6f 6d 61 69 6e 49 66 42 75 6c 6b 44 6f 6d 61 69 6e 45 6e 61 62 6c 65 64 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 26 26 74 2e 54 65 6e 61 6e 74 46 65 61 74 75 72 65 73 2c 69 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2c 6e 3d 74 2e 44 6f 6d 61 69 6e 2c 61 3d 74 2e 42 75 6c 6b 44 6f 6d 61 69 6e 43 68 65 63
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: =l.stubScriptElement.getAttribute("data-preview-mode"),this.otFetch(l.bannerDataParentURL,this.getLocation.bind(this))},f.prototype.setDomainIfBulkDomainEnabled=function(t){var e=t&&t.TenantFeatures,i=window.location.hostname,n=t.Domain,a=t.BulkDomainChec
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 69 74 28 22 3b 22 29 5b 30 5d 2c 69 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 31 5d 2c 74 68 69 73 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 65 2c 69 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 74 29 29 3a 74 68 69 73 2e 67 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 74 29 7d 2c 66 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 6e 64 6c 65 42 75 6c 6b 44 6f 6d 61 69 6e 4d 67 6d 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 62 75 6c 6b 44 6f 6d 61 69 6e 4d 67 6d 74 45 6e 61 62 6c 65 64 22 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 2e 69 73 56 61 6c 69 64 29
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: it(";")[0],i=i.split(";")[1],this.setGeoLocation(e,i),this.addBannerSDKScript(t)):this.getGeoLocation(t)},f.prototype.handleBulkDomainMgmt=function(t,e){window.sessionStorage&&window.sessionStorage.setItem("bulkDomainMgmtEnabled",JSON.stringify(t.isValid)
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 20 6f 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 22 6f 74 50 72 65 76 69 65 77 44 61 74 61 22 29 3b 69 66 28 6e 65 77 20 52 65 67 45 78 70 28 22 5e 66 69 6c 65 3a 2f 2f 22 2c 22 69 22 29 2e 74 65 73 74 28 74 29 29 74 68 69 73 2e 6f 74 46 65 74 63 68 4f 66 66 6c 69 6e 65 46 69 6c 65 28 74 2c 69 29 3b 65 6c 73 65 20 69 66 28 30 3c 3d 74 2e 69 6e 64 65 78 4f 66 28 22 2f 63 6f 6e 73 65 6e 74 2f 22 29 26 26 74 68 69 73 2e 70 72 65 76 69 65 77 4d 6f 64 65 26 26 6f 29 7b 6f 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 6f 29 2e 64 6f 6d 61 69 6e 4a 73 6f 6e 3b 69 28 6f 29 7d 65 6c 73 65 7b 6c 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 2e 70 75 73 68
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: o=window.sessionStorage&&window.sessionStorage.getItem("otPreviewData");if(new RegExp("^file://","i").test(t))this.otFetchOfflineFile(t,i);else if(0<=t.indexOf("/consent/")&&this.previewMode&&o){o=JSON.parse(o).domainJson;i(o)}else{l.mobileOnlineURL.push
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC1369INData Raw: 28 76 61 72 20 73 3d 61 2e 73 74 61 74 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 72 3d 61 2e 63 6f 75 6e 74 72 79 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 75 3d 30 3b 75 3c 74 2e 52 75 6c 65 53 65 74 2e 6c 65 6e 67 74 68 3b 75 2b 2b 29 69 66 28 21 30 3d 3d 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 47 6c 6f 62 61 6c 29 6e 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 3b 65 6c 73 65 7b 76 61 72 20 70 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 53 74 61 74 65 73 3b 69 66 28 70 5b 72 5d 26 26 30 3c 3d 70 5b 72 5d 2e 69 6e 64 65 78 4f 66 28 73 29 29 7b 69 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 3b 62 72 65 61 6b 7d 30 3c 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 43 6f 75 6e 74 72 69 65 73 2e 69 6e 64 65 78 4f 66 28 72 29 26 26 28 65 3d 74 2e 52 75 6c 65 53 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: (var s=a.state.toLowerCase(),r=a.country.toLowerCase(),u=0;u<t.RuleSet.length;u++)if(!0===t.RuleSet[u].Global)n=t.RuleSet[u];else{var p=t.RuleSet[u].States;if(p[r]&&0<=p[r].indexOf(s)){i=t.RuleSet[u];break}0<=t.RuleSet[u].Countries.indexOf(r)&&(e=t.RuleSe


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                118192.168.2.54986234.117.223.2234432992C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 292
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC292OUTData Raw: 0a a1 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 61 0a 03 3b 03 01 10 ae ab 98 f4 0c 28 d7 04 5a 4f 0a 0b 41 75 74 6f 55 70 64 61 74 65 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 02 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72aa;(ZOAutoUpdatesActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Release 20
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:09 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                119192.168.2.54986713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC192OUTGET /rules/rule700401v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1403
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDCB4853F"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f30e7def-101e-0065-0967-3d4088000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111510Z-178bfbc474bv7whqhC1NYC1fg400000005u0000000009rtw
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 31 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700401" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                120192.168.2.54986334.117.223.2234433276C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 303
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:09 UTC303OUTData Raw: 0a ac 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 6c 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 5a 0a 15 53 6d 61 72 74 43 6c 65 61 6e 3a 4a 75 6e 6b 41 6c 65 72 74 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 03 6f 66 66 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72al;(ZZSmartClean:JunkAlertsActivationoff (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045,
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                121192.168.2.54986413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC192OUTGET /rules/rule702201v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1397
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:56 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE7262739"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e297a76c-801e-0083-6c67-3df0ae000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111510Z-15b8b599d88vp97chC1TEB5pzw000000048g00000000cqpf
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702201" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTel


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                122192.168.2.54986513.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC192OUTGET /rules/rule702200v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1360
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDDEB5124"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 0da4534b-a01e-0053-0345-3d8603000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111510Z-174c587ffdf9xbcchC1TEBxkz4000000043000000000hd5p
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 32 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 6c 4d 65 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 6c 4d 65 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702200" V="1" DC="SM" EN="Office.Telemetry.Event.Office.TellMe" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTellMe" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                123192.168.2.54986813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC192OUTGET /rules/rule700400v2s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1366
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:36 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDB779FC3"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e2992625-501e-005b-678c-3ad7f7000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111510Z-174c587ffdfb485jhC1TEBmc1s0000000480000000003esh
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 34 30 30 22 20 56 3d 22 32 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 54 65 6c 65 6d 65 74 72 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700400" V="2" DC="SM" EN="Office.Telemetry.Event.Office.Telemetry" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenTelemetry" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                124192.168.2.549870104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC369OUTGET /scripttemplates/otSDKStub.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC859INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:10 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: Vo/d0f3ZefkwyML/PnJnjg==
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Sat, 23 Nov 2024 02:51:08 GMT
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 57ee8ec9-501e-00fa-437b-3d5a6d000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Age: 85947
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                CF-RAY: 8e78fac90cee72ad-EWR
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC510INData Raw: 35 37 61 65 0d 0a 76 61 72 20 4f 6e 65 54 72 75 73 74 53 74 75 62 3d 28 74 3d 3e 7b 76 61 72 20 61 2c 6f 2c 72 2c 65 2c 6c 3d 6e 65 77 20 66 75 6e 63 74 69 6f 6e 28 29 7b 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 4f 70 74 61 6e 6f 6e 43 6f 6e 73 65 6e 74 22 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 74 6d 6c 47 72 6f 75 70 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 6f 70 74 61 6e 6f 6e 48 6f 73 74 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 67 65 6e 56 65 6e 64 6f 72 73 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 76 65 6e 64 6f 72 73 53 65 72 76 69 63 65 44 61 74 61 3d 5b 5d 2c 74 68 69 73 2e 49 41 42 43 6f 6f 6b 69 65 56 61 6c 75 65 3d 22 22 2c 74 68 69 73 2e 6f 6e 65 54 72 75 73 74 49 41 42 43 6f 6f 6b 69 65 4e 61 6d 65 3d 22 65 75 70 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 57aevar OneTrustStub=(t=>{var a,o,r,e,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupu
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 22 2c 22 53 49 22 2c 22 53 4b 22 2c 22 46 49 22 2c 22 53 45 22 2c 22 47 42 22 2c 22 48 52 22 2c 22 4c 49 22 2c 22 4e 4f 22 2c 22 49 53 22 5d 2c 74 68 69 73 2e 73 74 75 62 46 69 6c 65 4e 61 6d 65 3d 22 6f 74 53 44 4b 53 74 75 62 22 2c 74 68 69 73 2e 44 41 54 41 46 49 4c 45 41 54 54 52 49 42 55 54 45 3d 22 64 61 74 61 2d 64 6f 6d 61 69 6e 2d 73 63 72 69 70 74 22 2c 74 68 69 73 2e 62 61 6e 6e 65 72 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 42 61 6e 6e 65 72 53 64 6b 2e 6a 73 22 2c 74 68 69 73 2e 64 6f 6d 50 75 72 69 66 79 53 63 72 69 70 74 4e 61 6d 65 3d 22 6f 74 44 6f 6d 50 75 72 69 66 79 2e 6a 73 22 2c 74 68 69 73 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 3d 5b 5d 2c 74 68 69 73 2e 69 73 4d 69 67 72 61 74 65 64 55 52 4c 3d 21 31 2c 74 68 69 73 2e 6d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: ","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.m
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 6e 29 69 66 28 2f 3a 2f 2e 74 65 73 74 28 69 5b 6e 5d 29 29 7b 69 66 28 21 28 61 3d 69 5b 6e 5d 2e 73 70 6c 69 74 28 2f 3a 28 2e 2b 29 2f 29 29 5b 31 5d 29 72 65 74 75 72 6e 20 6e 75 6c 6c 3b 65 5b 74 68 69 73 2e 63 61 6d 65 6c 69 7a 65 28 61 5b 30 5d 29 5d 3d 61 5b 31 5d 2e 74 72 69 6d 28 29 7d 72 65 74 75 72 6e 20 65 7d 2c 69 29 3b 66 75 6e 63 74 69 6f 6e 20 69 28 29 7b 76 61 72 20 74 3d 74 68 69 73 3b 74 68 69 73 2e 69 6d 70 6c 65 6d 65 6e 74 54 68 65 50 6f 6c 79 66 69 6c 6c 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 76 61 72 20 61 3d 74 2c 6f 3d 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3b 72 65 74 75 72 6e 20 45 6c 65 6d 65 6e 74 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 3d 66 75 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: n)if(/:/.test(i[n])){if(!(a=i[n].split(/:(.+)/))[1])return null;e[this.camelize(a[0])]=a[1].trim()}return e},i);function i(){var t=this;this.implementThePolyfill=function(){var a=t,o=Element.prototype.setAttribute;return Element.prototype.setAttribute=fun
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 65 73 73 61 67 65 48 61 6e 64 6c 65 72 2c 21 31 29 2c 73 2e 61 64 64 46 72 61 6d 65 28 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 29 29 7d 2c 74 68 69 73 2e 72 65 6d 6f 76 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 64 65 6c 65 74 65 20 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 76 61 72 20 74 3d 64 6f 63 75 6d 65 6e 74 2e 71 75 65 72 79 53 65 6c 65 63 74 6f 72 41 6c 6c 28 22 69 66 72 61 6d 65 5b 6e 61 6d 65 3d 22 2b 73 2e 4c 4f 43 41 54 4f 52 5f 4e 41 4d 45 2b 22 5d 22 29 5b 30 5d 3b 74 26 26 74 2e 70 61 72 65 6e 74 45 6c 65 6d 65 6e 74 2e 72 65 6d 6f 76 65 43 68 69 6c 64 28 74 29 7d 2c 74 68 69 73 2e 65 78 65 63 75 74 65 47 70 70 41 70 69 3d 66 75 6e 63 74 69 6f 6e 28 29 7b 66 6f 72 28 76 61 72 20 74 3d 5b 5d 2c 65 3d 30 3b 65 3c 61 72 67 75 6d 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: essageHandler,!1),s.addFrame(s.LOCATOR_NAME))},this.removeGppApi=function(){delete s.win.__gpp;var t=document.querySelectorAll("iframe[name="+s.LOCATOR_NAME+"]")[0];t&&t.parentElement.removeChild(t)},this.executeGppApi=function(){for(var t=[],e=0;e<argume
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 69 66 72 61 6d 65 22 29 29 2e 73 74 79 6c 65 2e 63 73 73 54 65 78 74 3d 22 64 69 73 70 6c 61 79 3a 6e 6f 6e 65 22 2c 65 2e 6e 61 6d 65 3d 74 2c 65 2e 73 65 74 41 74 74 72 69 62 75 74 65 28 22 74 69 74 6c 65 22 2c 22 47 50 50 20 4c 6f 63 61 74 6f 72 22 29 2c 69 2e 62 6f 64 79 2e 61 70 70 65 6e 64 43 68 69 6c 64 28 65 29 29 3a 73 65 74 54 69 6d 65 6f 75 74 28 66 75 6e 63 74 69 6f 6e 28 29 7b 73 2e 61 64 64 46 72 61 6d 65 28 74 29 7d 2c 35 29 29 2c 21 6e 7d 2c 74 68 69 73 2e 61 64 64 45 76 65 6e 74 4c 69 73 74 65 6e 65 72 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 76 61 72 20 69 2c 6e 3d 73 2e 77 69 6e 2e 5f 5f 67 70 70 3b 72 65 74 75 72 6e 20 6e 2e 65 76 65 6e 74 73 3d 6e 2e 65 76 65 6e 74 73 7c 7c 5b 5d 2c 6e 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: reateElement("iframe")).style.cssText="display:none",e.name=t,e.setAttribute("title","GPP Locator"),i.body.appendChild(e)):setTimeout(function(){s.addFrame(t)},5)),!n},this.addEventListener=function(t,e){var i,n=s.win.__gpp;return n.events=n.events||[],nu
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 63 79 28 22 6f 74 2d 74 72 75 73 74 65 64 2d 74 79 70 65 2d 70 6f 6c 69 63 79 22 2c 7b 63 72 65 61 74 65 48 54 4d 4c 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 44 4f 4d 50 75 72 69 66 79 2e 73 61 6e 69 74 69 7a 65 28 74 29 7d 2c 63 72 65 61 74 65 53 63 72 69 70 74 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 72 65 74 75 72 6e 20 77 69 6e 64 6f 77 2e 44 4f 4d 50 75 72 69 66 79 2e 73 61 6e 69 74 69 7a 65 28 74 29 7d 2c 63 72 65 61 74 65 53 63 72 69 70 74 55 52 4c 3a 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 2c 69 3d 5b 64 6f 63 75 6d 65 6e 74 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2c 6e 2e 68 6f 73 74 6e 61 6d 65 5d 3b 74 72 79 7b 65 3d 6e 65 77 20 55 52 4c 28 74 2c 6c 6f 63 61 74 69 6f 6e 2e 6f 72 69
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: cy("ot-trusted-type-policy",{createHTML:function(t){return window.DOMPurify.sanitize(t)},createScript:function(t){return window.DOMPurify.sanitize(t)},createScriptURL:function(t){var e,i=[document.location.hostname,n.hostname];try{e=new URL(t,location.ori
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 3d 6c 2e 73 74 75 62 53 63 72 69 70 74 45 6c 65 6d 65 6e 74 2e 67 65 74 41 74 74 72 69 62 75 74 65 28 22 64 61 74 61 2d 70 72 65 76 69 65 77 2d 6d 6f 64 65 22 29 2c 74 68 69 73 2e 6f 74 46 65 74 63 68 28 6c 2e 62 61 6e 6e 65 72 44 61 74 61 50 61 72 65 6e 74 55 52 4c 2c 74 68 69 73 2e 67 65 74 4c 6f 63 61 74 69 6f 6e 2e 62 69 6e 64 28 74 68 69 73 29 29 7d 2c 66 2e 70 72 6f 74 6f 74 79 70 65 2e 73 65 74 44 6f 6d 61 69 6e 49 66 42 75 6c 6b 44 6f 6d 61 69 6e 45 6e 61 62 6c 65 64 3d 66 75 6e 63 74 69 6f 6e 28 74 29 7b 76 61 72 20 65 3d 74 26 26 74 2e 54 65 6e 61 6e 74 46 65 61 74 75 72 65 73 2c 69 3d 77 69 6e 64 6f 77 2e 6c 6f 63 61 74 69 6f 6e 2e 68 6f 73 74 6e 61 6d 65 2c 6e 3d 74 2e 44 6f 6d 61 69 6e 2c 61 3d 74 2e 42 75 6c 6b 44 6f 6d 61 69 6e 43 68 65 63
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: =l.stubScriptElement.getAttribute("data-preview-mode"),this.otFetch(l.bannerDataParentURL,this.getLocation.bind(this))},f.prototype.setDomainIfBulkDomainEnabled=function(t){var e=t&&t.TenantFeatures,i=window.location.hostname,n=t.Domain,a=t.BulkDomainChec
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 69 74 28 22 3b 22 29 5b 30 5d 2c 69 3d 69 2e 73 70 6c 69 74 28 22 3b 22 29 5b 31 5d 2c 74 68 69 73 2e 73 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 65 2c 69 29 2c 74 68 69 73 2e 61 64 64 42 61 6e 6e 65 72 53 44 4b 53 63 72 69 70 74 28 74 29 29 3a 74 68 69 73 2e 67 65 74 47 65 6f 4c 6f 63 61 74 69 6f 6e 28 74 29 7d 2c 66 2e 70 72 6f 74 6f 74 79 70 65 2e 68 61 6e 64 6c 65 42 75 6c 6b 44 6f 6d 61 69 6e 4d 67 6d 74 3d 66 75 6e 63 74 69 6f 6e 28 74 2c 65 29 7b 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 73 65 74 49 74 65 6d 28 22 62 75 6c 6b 44 6f 6d 61 69 6e 4d 67 6d 74 45 6e 61 62 6c 65 64 22 2c 4a 53 4f 4e 2e 73 74 72 69 6e 67 69 66 79 28 74 2e 69 73 56 61 6c 69 64 29
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: it(";")[0],i=i.split(";")[1],this.setGeoLocation(e,i),this.addBannerSDKScript(t)):this.getGeoLocation(t)},f.prototype.handleBulkDomainMgmt=function(t,e){window.sessionStorage&&window.sessionStorage.setItem("bulkDomainMgmtEnabled",JSON.stringify(t.isValid)
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 20 6f 3d 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 26 26 77 69 6e 64 6f 77 2e 73 65 73 73 69 6f 6e 53 74 6f 72 61 67 65 2e 67 65 74 49 74 65 6d 28 22 6f 74 50 72 65 76 69 65 77 44 61 74 61 22 29 3b 69 66 28 6e 65 77 20 52 65 67 45 78 70 28 22 5e 66 69 6c 65 3a 2f 2f 22 2c 22 69 22 29 2e 74 65 73 74 28 74 29 29 74 68 69 73 2e 6f 74 46 65 74 63 68 4f 66 66 6c 69 6e 65 46 69 6c 65 28 74 2c 69 29 3b 65 6c 73 65 20 69 66 28 30 3c 3d 74 2e 69 6e 64 65 78 4f 66 28 22 2f 63 6f 6e 73 65 6e 74 2f 22 29 26 26 74 68 69 73 2e 70 72 65 76 69 65 77 4d 6f 64 65 26 26 6f 29 7b 6f 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 6f 29 2e 64 6f 6d 61 69 6e 4a 73 6f 6e 3b 69 28 6f 29 7d 65 6c 73 65 7b 6c 2e 6d 6f 62 69 6c 65 4f 6e 6c 69 6e 65 55 52 4c 2e 70 75 73 68
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: o=window.sessionStorage&&window.sessionStorage.getItem("otPreviewData");if(new RegExp("^file://","i").test(t))this.otFetchOfflineFile(t,i);else if(0<=t.indexOf("/consent/")&&this.previewMode&&o){o=JSON.parse(o).domainJson;i(o)}else{l.mobileOnlineURL.push
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 28 76 61 72 20 73 3d 61 2e 73 74 61 74 65 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 72 3d 61 2e 63 6f 75 6e 74 72 79 2e 74 6f 4c 6f 77 65 72 43 61 73 65 28 29 2c 75 3d 30 3b 75 3c 74 2e 52 75 6c 65 53 65 74 2e 6c 65 6e 67 74 68 3b 75 2b 2b 29 69 66 28 21 30 3d 3d 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 47 6c 6f 62 61 6c 29 6e 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 3b 65 6c 73 65 7b 76 61 72 20 70 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 53 74 61 74 65 73 3b 69 66 28 70 5b 72 5d 26 26 30 3c 3d 70 5b 72 5d 2e 69 6e 64 65 78 4f 66 28 73 29 29 7b 69 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 3b 62 72 65 61 6b 7d 30 3c 3d 74 2e 52 75 6c 65 53 65 74 5b 75 5d 2e 43 6f 75 6e 74 72 69 65 73 2e 69 6e 64 65 78 4f 66 28 72 29 26 26 28 65 3d 74 2e 52 75 6c 65 53 65
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: (var s=a.state.toLowerCase(),r=a.country.toLowerCase(),u=0;u<t.RuleSet.length;u++)if(!0===t.RuleSet[u].Global)n=t.RuleSet[u];else{var p=t.RuleSet[u].States;if(p[r]&&0<=p[r].indexOf(s)){i=t.RuleSet[u];break}0<=t.RuleSet[u].Countries.indexOf(r)&&(e=t.RuleSe


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                125192.168.2.54986913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC192OUTGET /rules/rule700351v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1397
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:44 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDFD43C07"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: af8656a8-801e-00a0-672a-3c2196000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111511Z-178bfbc474bpscmfhC1NYCfc2c00000004hg0000000026qp
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1397INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700351" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSys


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                126192.168.2.549871104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:10 UTC400OUTGET /consent/831b8ee0-e952-49a5-af6b-01382c722774/OtAutoBlock.js HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC987INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/javascript
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                CF-Ray: 8e78faca5ce84352-EWR
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Age: 2524
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                Expires: Mon, 25 Nov 2024 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 13 Aug 2024 14:30:25 GMT
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: KQnH3XO6FDi+7xN6YpnIfg==
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 9b2d54fe-c01e-007c-7e4c-260ebf000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC382INData Raw: 37 62 63 36 0d 0a 21 66 75 6e 63 74 69 6f 6e 28 29 7b 66 75 6e 63 74 69 6f 6e 20 6e 28 64 29 7b 76 61 72 20 67 3d 5b 5d 2c 61 3d 5b 5d 2c 66 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 66 6f 72 28 76 61 72 20 62 3d 7b 7d 2c 65 3d 30 3b 65 3c 7a 2e 6c 65 6e 67 74 68 3b 65 2b 2b 29 7b 76 61 72 20 68 3d 7a 5b 65 5d 3b 69 66 28 68 2e 54 61 67 3d 3d 3d 63 29 7b 62 3d 68 3b 62 72 65 61 6b 7d 76 61 72 20 6b 3d 28 72 3d 68 2e 54 61 67 2c 74 3d 78 3d 6c 3d 76 6f 69 64 20 30 2c 6c 3d 2d 31 21 3d 3d 28 74 3d 72 29 2e 69 6e 64 65 78 4f 66 28 22 68 74 74 70 3a 22 29 3f 74 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 3a 22 2c 22 22 29 3a 74 2e 72 65 70 6c 61 63 65 28 22 68 74 74 70 73 3a 22 2c 22 22 29 2c 2d 31 21 3d 3d 28 78 3d 6c 2e 69 6e 64 65 78 4f 66 28 22 3f 22 29 29 3f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 7bc6!function(){function n(d){var g=[],a=[],f=function(c){for(var b={},e=0;e<z.length;e++){var h=z[e];if(h.Tag===c){b=h;break}var k=(r=h.Tag,t=x=l=void 0,l=-1!==(t=r).indexOf("http:")?t.replace("http:",""):t.replace("https:",""),-1!==(x=l.indexOf("?"))?
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 43 61 74 65 67 6f 72 79 49 64 26 26 28 67 3d 66 2e 43 61 74 65 67 6f 72 79 49 64 29 2c 66 2e 56 65 6e 64 6f 72 26 26 28 61 3d 66 2e 56 65 6e 64 6f 72 2e 73 70 6c 69 74 28 22 3a 22 29 29 2c 21 66 2e 54 61 67 26 26 44 26 26 28 61 3d 67 3d 66 75 6e 63 74 69 6f 6e 28 63 29 7b 76 61 72 20 62 3d 5b 5d 2c 65 3d 66 75 6e 63 74 69 6f 6e 28 68 29 7b 76 61 72 20 6b 3d 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 61 22 29 3b 0a 6b 2e 68 72 65 66 3d 68 3b 68 3d 6b 2e 68 6f 73 74 6e 61 6d 65 2e 73 70 6c 69 74 28 22 2e 22 29 3b 72 65 74 75 72 6e 2d 31 21 3d 3d 68 2e 69 6e 64 65 78 4f 66 28 22 77 77 77 22 29 7c 7c 32 3c 68 2e 6c 65 6e 67 74 68 3f 68 2e 73 6c 69 63 65 28 31 29 2e 6a 6f 69 6e 28 22 2e 22 29 3a 6b 2e 68 6f 73 74 6e 61 6d 65 7d 28
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: CategoryId&&(g=f.CategoryId),f.Vendor&&(a=f.Vendor.split(":")),!f.Tag&&D&&(a=g=function(c){var b=[],e=function(h){var k=document.createElement("a");k.href=h;h=k.hostname.split(".");return-1!==h.indexOf("www")||2<h.length?h.slice(1).join("."):k.hostname}(
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 29 29 2c 2d 31 3d 3d 3d 67 2e 69 6e 64 65 78 4f 66 28 22 6f 74 2d 76 73 63 61 74 2d 22 2b 61 29 26 26 28 66 2b 3d 22 20 22 2b 28 22 6f 74 2d 76 73 63 61 74 2d 22 2b 61 29 2e 74 72 69 6d 28 29 29 2c 66 2b 22 20 22 2b 67 7d 76 61 72 20 7a 3d 4a 53 4f 4e 2e 70 61 72 73 65 28 27 5b 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 73 63 72 69 70 74 2e 68 6f 74 6a 61 72 2e 63 6f 6d 2f 6d 6f 64 75 6c 65 73 2e 34 61 61 38 64 37 34 38 35 30 30 61 32 38 66 36 34 66 36 65 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 63 63 6c 65 61 6e 65 72 2e 73 70 65 65 64 74 65 73 74 63 75 73 74 6f 6d 2e 63 6f 6d 2f 22 2c 22 43 61 74 65 67 6f 72 79 49
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: )),-1===g.indexOf("ot-vscat-"+a)&&(f+=" "+("ot-vscat-"+a).trim()),f+" "+g}var z=JSON.parse('[{"Tag":"https://script.hotjar.com/modules.4aa8d748500a28f64f6e.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://ccleaner.speedtestcustom.com/","CategoryI
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 73 2e 62 63 61 30 64 31 63 32 38 32 38 35 34 31 32 62 62 36 38 39 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 70 69 78 70 69 70 65 6c 69 6e 65 2e 63 6f 6d 2f 73 74 2f 35 61 38 32 31 62 63 38 30 32 66 62 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 79 6f 75 74 75 62 65 2e 63 6f 6d 2f 65 6d 62 65 64 2f 6c 41 35 44 46 72 62 48 55 52 63 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: s.bca0d1c28285412bb689.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"http://pixpipeline.com/st/5a821bc802fb.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://www.youtube.com/embed/lA5DFrbHURc","CategoryId":["C0002","C0004"],"Vendor":null},{"T
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 63 6f 6e 73 65 6e 74 2f 69 61 62 63 68 65 63 6b 2f 47 5a 58 54 4e 52 57 41 55 4e 48 56 50 4d 34 34 42 4a 54 45 42 56 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 36 63 31 36 33 39 2d 31 34 33 39 34 32 33 39 38 34 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 2f 61 70 70 2f 68 65 6c 70 2d 63 65 6e 74 65 72 2d 63 6c 6f 73 65 64 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: consent/iabcheck/GZXTNRWAUNHVPM44BJTEBV","CategoryId":["C0004"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/6c1639-1439423984.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://www.zendesk.com/app/help-center-closed/","CategoryId":["C
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 33 30 38 30 35 30 36 31 61 36 61 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 70 69 72 69 66 6f 72 6d 2e 7a 65 6e 64 65 73 6b 2e 63 6f 6d 2f 61 74 74 61 63 68 6d 65 6e 74 73 2f 74 6f 6b 65 6e 2f 4b 53 59 62 35 45 49 68 38 35 6f 33 48 4c 67 70 70 41 42 51 4e 74 68 57 38 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 33 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 6d 63 2e 79 61 6e 64 65 78 2e 72 75 2f 6d 65 74 72 69 6b 61 2f 74 61 67 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 30805061a6a.js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://piriform.zendesk.com/attachments/token/KSYb5EIh85o3HLgppABQNthW8/","CategoryId":["C0002","C0003","C0004"],"Vendor":null},{"Tag":"https://mc.yandex.ru/metrika/tag.js","CategoryId":["C000
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 64 63 32 35 32 66 32 36 32 35 36 65 34 33 34 35 34 35 64 64 35 34 30 36 32 38 34 38 64 39 64 2e 70 6e 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 70 72 6f 64 75 63 74 62 6f 61 72 64 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 70 6f 72 74 61 6c 2d 38 66 38 34 39 63 64 35 38 30 39 38 39 33 32 31 39 31 61 63 2e 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 2c 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 37 62 31 31 31 37 2d 31 34 33 34 31 33 35 35 37
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: dc252f26256e434545dd54062848d9d.png","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://cdn.productboard.com/assets/portal-8f849cd58098932191ac.js","CategoryId":["C0002","C0004"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/7b1117-143413557
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 30 30 35 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 34 32 62 35 34 65 2d 31 34 33 34 34 31 32 37 30 39 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 70 69 78 70 69 70 65 6c 69 6e 65 2e 63 6f 6d 2f 73 74 2f 39 66 61 65 38 66 38 32 62 66 64 36 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 69 64 65 61 73 2e 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 2f 63 2f 33 36 37 2d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 005"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/42b54e-1434412709.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"http://pixpipeline.com/st/9fae8f82bfd6.jpg","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://ideas.ccleaner.com/c/367-
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 67 6f 6f 67 6c 65 74 61 67 6d 61 6e 61 67 65 72 2e 63 6f 6d 2f 67 74 61 67 2f 6a 73 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 66 61 63 65 62 6f 6f 6b 2e 63 6f 6d 2f 74 72 2f 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 35 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 3a 2f 2f 77 77 77 2e 62 69 6c 64 65 72 2d 75 70 6c 6f 61 64 2e 65 75 2f 74 68 75 6d 62 2f 64 63 64 65 37 32 2d 31 34 33 39 30 34 39 32 39 33 2e 6a 70 67 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "https://www.googletagmanager.com/gtag/js","CategoryId":["C0002"],"Vendor":null},{"Tag":"https://www.facebook.com/tr/","CategoryId":["C0005"],"Vendor":null},{"Tag":"http://www.bilder-upload.eu/thumb/dcde72-1439049293.jpg","CategoryId":["C0004"],"Vendor":n
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC1369INData Raw: 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 73 31 36 31 37 33 31 30 37 30 33 2e 74 2e 65 6c 6f 71 75 61 2e 63 6f 6d 2f 76 69 73 69 74 6f 72 2f 76 32 30 30 2f 73 76 72 47 50 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 34 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74 74 70 73 3a 2f 2f 69 64 65 61 73 2e 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 2f 63 2f 33 35 39 2d 69 6d 70 72 6f 76 65 2d 64 69 73 6b 2d 61 6e 61 6c 79 7a 65 72 2d 61 6e 64 2d 64 75 70 6c 69 63 61 74 65 2d 66 69 6c 65 2d 66 69 6e 64 65 72 22 2c 22 43 61 74 65 67 6f 72 79 49 64 22 3a 5b 22 43 30 30 30 32 22 5d 2c 22 56 65 6e 64 6f 72 22 3a 6e 75 6c 6c 7d 2c 7b 22 54 61 67 22 3a 22 68 74
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "],"Vendor":null},{"Tag":"https://s1617310703.t.eloqua.com/visitor/v200/svrGP","CategoryId":["C0004"],"Vendor":null},{"Tag":"https://ideas.ccleaner.com/c/359-improve-disk-analyzer-and-duplicate-file-finder","CategoryId":["C0002"],"Vendor":null},{"Tag":"ht


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                127192.168.2.54987234.117.223.2234432992C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 291
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC291OUTData Raw: 0a a0 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 60 0a 03 3b 03 01 10 ae ab 98 f4 0c 28 d7 04 5a 4e 0a 0a 53 6d 61 72 74 43 6c 65 61 6e 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 02 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a`;(ZNSmartCleanActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Release 200
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:11 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                128192.168.2.54987634.117.223.2234433276C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 306
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:11 UTC306OUTData Raw: 0a af 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 6f 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 5d 0a 18 53 6d 61 72 74 43 6c 65 61 6e 3a 42 72 6f 77 73 65 72 41 6c 65 72 74 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 03 6f 66 66 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72ao;(Z]SmartClean:BrowserAlertsActivationoff (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 190
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                129192.168.2.54987813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC192OUTGET /rules/rule703901v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1427
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:53 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE56F6873"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 4d8c69aa-d01e-0028-1552-3c7896000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111512Z-15b8b599d88qw29phC1TEB5zag000000047g00000000fyck
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1427INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703901" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="Nexu


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                130192.168.2.549883104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC633OUTGET /consent/831b8ee0-e952-49a5-af6b-01382c722774/831b8ee0-e952-49a5-af6b-01382c722774.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Origin: https://www.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Referer: https://www.ccleaner.com/
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC982INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                CF-Ray: 8e78fad33db90f51-EWR
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Age: 17448
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                Expires: Mon, 25 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 13 Aug 2024 14:30:20 GMT
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: AdkJ+2zp/6A/fQzqijpcMg==
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f7bb7774-801e-003f-5434-2f2456000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC387INData Raw: 31 38 61 36 0d 0a 7b 22 43 6f 6f 6b 69 65 53 50 41 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 53 61 6d 65 53 69 74 65 4e 6f 6e 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 56 32 43 53 50 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 4d 75 6c 74 69 56 61 72 69 61 6e 74 54 65 73 74 69 6e 67 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 55 73 65 56 32 22 3a 74 72 75 65 2c 22 4d 6f 62 69 6c 65 53 44 4b 22 3a 66 61 6c 73 65 2c 22 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 53 63 72 69 70 74 54 79 70 65 22 3a 22 50 52 4f 44 55 43 54 49 4f 4e 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 36 2e 33 36 2e 30 22 2c 22 4f 70 74 61 6e 6f 6e 44 61 74 61 4a 53 4f 4e 22 3a 22 38 33 31 62 38 65 65 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 18a6{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.36.0","OptanonDataJSON":"831b8ee0
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1369INData Raw: 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6f 6b 69 65 73 2d 64 61 74 61 2e 6f 6e 65 74 72 75 73 74 2e 69 6f 2f 62 61 6e 6e 65 72 73 64 6b 2f 76 31 2f 64 6f 6d 61 69 6e 67 72 6f 75 70 63 68 65 63 6b 22 2c 22 52 75 6c 65 53 65 74 22 3a 5b 7b 22 49 64 22 3a 22 30 31 39 31 32 37 35 33 2d 38 63 32 31 2d 37 61 31 37 2d 38 38 33 66 2d 30 61 39 31 61 34 65 35 61 65 38 62 22 2c 22 4e 61 6d 65 22 3a 22 55 53 2c 20 41 55 20 e2 80 93 20 41 6c 6c 20 4f 70 74 2d 6f 75 74 22 2c 22 43 6f 75 6e 74 72 69 65 73 22 3a 5b 22 61 75 22 2c 22 75 73 22 5d 2c 22 53 74 61 74 65 73 22 3a 7b 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 22 3a 22 64 65 22 2c 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 2c 22 72 75 22 3a 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: rl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"01912753-8c21-7a17-883f-0a91a4e5ae8b","Name":"US, AU All Opt-out","Countries":["au","us"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1369INData Raw: 22 69 74 22 3a 22 69 74 22 2c 22 66 72 22 3a 22 66 72 22 2c 22 65 73 22 3a 22 65 73 22 2c 22 6e 6c 22 3a 22 6e 6c 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 47 6c 6f 62 61 6c 22 3a 66 61 6c 73 65 2c 22 54 79 70 65 22 3a 22 47 44 50 52 22 2c 22 55 73 65 47 6f 6f 67 6c 65 56 65 6e 64 6f 72 73 22 3a 66 61 6c 73 65 2c 22 56 61 72 69 61 6e 74 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 54 65 73 74 45 6e 64 54 69 6d 65 22 3a 6e 75 6c 6c 2c 22 56 61 72 69 61 6e 74 73 22 3a 5b 5d 2c 22 54 65 6d 70 6c 61 74 65 4e 61 6d 65 22 3a 22 43 43 6c 65 61 6e 65 72 20 e2 80 93 20 52 45 4a 45 43 54 20 41 4c 4c 20 e2 80 93 20 54 65 6d 70 6c 61 74 65 22 2c 22 43 6f 6e 64 69 74 69 6f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"CCleaner REJECT ALL Template","Conditio
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1369INData Raw: 22 6d 79 22 2c 22 6d 7a 22 2c 22 6e 61 22 2c 22 6e 63 22 2c 22 6e 65 22 2c 22 6e 66 22 2c 22 6e 67 22 2c 22 6e 69 22 2c 22 6e 70 22 2c 22 6e 72 22 2c 22 6e 75 22 2c 22 6e 7a 22 2c 22 6f 6d 22 2c 22 70 61 22 2c 22 70 65 22 2c 22 70 66 22 2c 22 70 67 22 2c 22 70 68 22 2c 22 70 6b 22 2c 22 70 6d 22 2c 22 70 6e 22 5d 2c 22 53 74 61 74 65 73 22 3a 7b 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 22 3a 22 64 65 22 2c 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 2c 22 72 75 22 3a 22 72 75 22 2c 22 70 74 22 3a 22 70 74 22 2c 22 69 74 22 3a 22 69 74 22 2c 22 66 72 22 3a 22 66 72 22 2c 22 65 73 22 3a 22 65 73 22 2c 22 6e 6c 22 3a 22 6e 6c 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "my","mz","na","nc","ne","nf","ng","ni","np","nr","nu","nz","om","pa","pe","pf","pg","ph","pk","pm","pn"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"ru","pt":"pt","it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":f
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1369INData Raw: 6e 73 65 6e 74 53 63 72 65 65 6e 22 3a 22 31 22 2c 22 63 6f 6e 73 65 6e 74 4c 61 6e 67 75 61 67 65 22 3a 6e 75 6c 6c 2c 22 76 65 6e 64 6f 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 30 2c 22 6d 61 78 56 65 6e 64 6f 72 49 64 22 3a 30 2c 22 65 6e 63 6f 64 69 6e 67 54 79 70 65 22 3a 22 30 22 2c 22 67 6c 6f 62 61 6c 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 69 61 62 44 61 74 61 2e 6a 73 6f 6e 22 7d 2c 22 49 61 62 56 32 44 61 74 61 22 3a 7b 22 63 6f 6f 6b 69 65 56 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 72 65 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 38 2d 31 33 54 31 34 3a 33 30 3a 31 39 2e 35 35 39 35 34 32 35 38 34 22 2c 22 75 70 64
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: nsentScreen":"1","consentLanguage":null,"vendorListVersion":0,"maxVendorId":0,"encodingType":"0","globalVendorListUrl":"https://cdn.cookielaw.org/vendorlist/iabData.json"},"IabV2Data":{"cookieVersion":"1","createdTime":"2024-08-13T14:30:19.559542584","upd
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC455INData Raw: 70 72 65 73 73 42 61 6e 6e 65 72 22 3a 66 61 6c 73 65 2c 22 49 73 53 75 70 70 72 65 73 73 50 43 22 3a 66 61 6c 73 65 2c 22 50 75 62 6c 69 73 68 65 72 43 43 22 3a 22 44 45 22 2c 22 44 6f 6d 61 69 6e 22 3a 22 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 22 2c 22 54 65 6e 61 6e 74 47 75 69 64 22 3a 22 38 66 66 35 63 64 35 31 2d 30 31 66 30 2d 34 30 37 36 2d 61 30 32 31 2d 37 61 63 36 66 30 62 39 64 66 32 65 22 2c 22 45 6e 76 49 64 22 3a 22 61 70 70 2d 64 65 2d 70 72 6f 64 22 2c 22 52 65 6d 6f 74 65 41 63 74 69 6f 6e 73 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 47 65 6f 52 75 6c 65 47 72 6f 75 70 4e 61 6d 65 22 3a 22 43 43 6c 65 61 6e 65 72 20 43 6f 6e 73 65 6e 74 20 50 6f 6c 69 63 79 22 2c 22 47 41 54 72 61 63 6b 54 6f 67 67 6c 65 22 3a 66 61 6c 73 65 2c 22 47
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: pressBanner":false,"IsSuppressPC":false,"PublisherCC":"DE","Domain":"ccleaner.com","TenantGuid":"8ff5cd51-01f0-4076-a021-7ac6f0b9df2e","EnvId":"app-de-prod","RemoteActionsEnabled":false,"GeoRuleGroupName":"CCleaner Consent Policy","GATrackToggle":false,"G
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                131192.168.2.54987913.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC192OUTGET /rules/rule703900v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1390
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:49 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE3002601"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 3cbcbade-201e-0000-6443-3ca537000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111512Z-174c587ffdf6b487hC1TEBydsn00000004a0000000006y5g
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1390INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 39 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 72 76 69 63 65 61 62 69 6c 69 74 79 4d 61 6e 61 67 65 72 22 20 53 3d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703900" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ServiceabilityManager" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenServiceabilityManager" S=


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                132192.168.2.54987713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC192OUTGET /rules/rule700350v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:12 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1360
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:40 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDD74D2EC"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: e88bdfa1-301e-003f-630e-3d266f000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111512Z-178bfbc474brk967hC1NYCfu6000000005m000000000afrs
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:12 UTC1360INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 30 33 35 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 79 73 74 65 6d 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 79 73 74 65 6d 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="700350" V="1" DC="SM" EN="Office.Telemetry.Event.Office.System" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSystem" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                133192.168.2.54988413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC192OUTGET /rules/rule701501v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC515INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:13 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1401
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:48 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE2A9D541"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 77237dca-e01e-00aa-2b4b-3eceda000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111513Z-174c587ffdftv9hphC1TEBm29w000000046g00000000fx9r
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                X-Cache-Info: L1_T2
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC1401INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701501" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenS


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                134192.168.2.54989213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC192OUTGET /rules/rule701500v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:13 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1364
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:28:03 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BEB6AD293"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 38badaf1-c01e-00ad-2128-3da2b9000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111513Z-178bfbc474bgvl54hC1NYCsfuw00000005x0000000003zue
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC1364INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 35 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 65 63 75 72 69 74 79 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 65 63 75 72 69 74 79 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701500" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Security" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSecurity" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                135192.168.2.54989434.117.223.2234432992C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 303
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC303OUTData Raw: 0a ac 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 6c 0a 03 3b 03 01 10 ae ab 98 f4 0c 28 d7 04 5a 5a 0a 15 53 6d 61 72 74 43 6c 65 61 6e 3a 4a 75 6e 6b 41 6c 65 72 74 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 03 6f 66 66 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 02 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72al;(ZZSmartClean:JunkAlertsActivationoff (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045,
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                136192.168.2.54989534.117.223.2234436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 288
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:13 UTC288OUTData Raw: 0a 9d 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 5d 0a 03 3b 03 01 10 a2 ab 98 f4 0c 28 d7 04 5a 4b 0a 07 53 6b 69 70 55 41 43 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 02 6f 6e 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 01 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30 34 35 2c 20 52 65 6c 65 61 73 65 20 32 30 30 39 2c 20
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a];(ZKSkipUACActivationon (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 19045, Release 2009,
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                137192.168.2.549899104.18.87.424436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC427OUTGET /consent/831b8ee0-e952-49a5-af6b-01382c722774/831b8ee0-e952-49a5-af6b-01382c722774.json HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: cdn.cookielaw.org
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC982INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                                                                Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                CF-Ray: 8e78fade6efc8c53-EWR
                                                                                                                                                                                                                                                                                                                                                                                CF-Cache-Status: HIT
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Age: 40647
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=86400
                                                                                                                                                                                                                                                                                                                                                                                Expires: Mon, 25 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 13 Aug 2024 14:30:20 GMT
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Content-MD5: AdkJ+2zp/6A/fQzqijpcMg==
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                                                                                x-ms-blob-type: BlockBlob
                                                                                                                                                                                                                                                                                                                                                                                x-ms-lease-status: unlocked
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 8131224c-001e-0025-464d-260b39000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2009-09-19
                                                                                                                                                                                                                                                                                                                                                                                Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC387INData Raw: 31 38 61 36 0d 0a 7b 22 43 6f 6f 6b 69 65 53 50 41 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 53 61 6d 65 53 69 74 65 4e 6f 6e 65 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 43 6f 6f 6b 69 65 56 32 43 53 50 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 4d 75 6c 74 69 56 61 72 69 61 6e 74 54 65 73 74 69 6e 67 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 55 73 65 56 32 22 3a 74 72 75 65 2c 22 4d 6f 62 69 6c 65 53 44 4b 22 3a 66 61 6c 73 65 2c 22 53 6b 69 70 47 65 6f 6c 6f 63 61 74 69 6f 6e 22 3a 66 61 6c 73 65 2c 22 53 63 72 69 70 74 54 79 70 65 22 3a 22 50 52 4f 44 55 43 54 49 4f 4e 22 2c 22 56 65 72 73 69 6f 6e 22 3a 22 36 2e 33 36 2e 30 22 2c 22 4f 70 74 61 6e 6f 6e 44 61 74 61 4a 53 4f 4e 22 3a 22 38 33 31 62 38 65 65 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 18a6{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.36.0","OptanonDataJSON":"831b8ee0
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC1369INData Raw: 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 6f 6f 6b 69 65 73 2d 64 61 74 61 2e 6f 6e 65 74 72 75 73 74 2e 69 6f 2f 62 61 6e 6e 65 72 73 64 6b 2f 76 31 2f 64 6f 6d 61 69 6e 67 72 6f 75 70 63 68 65 63 6b 22 2c 22 52 75 6c 65 53 65 74 22 3a 5b 7b 22 49 64 22 3a 22 30 31 39 31 32 37 35 33 2d 38 63 32 31 2d 37 61 31 37 2d 38 38 33 66 2d 30 61 39 31 61 34 65 35 61 65 38 62 22 2c 22 4e 61 6d 65 22 3a 22 55 53 2c 20 41 55 20 e2 80 93 20 41 6c 6c 20 4f 70 74 2d 6f 75 74 22 2c 22 43 6f 75 6e 74 72 69 65 73 22 3a 5b 22 61 75 22 2c 22 75 73 22 5d 2c 22 53 74 61 74 65 73 22 3a 7b 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 22 3a 22 64 65 22 2c 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 2c 22 72 75 22 3a 22
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: rl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"01912753-8c21-7a17-883f-0a91a4e5ae8b","Name":"US, AU All Opt-out","Countries":["au","us"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC1369INData Raw: 22 69 74 22 3a 22 69 74 22 2c 22 66 72 22 3a 22 66 72 22 2c 22 65 73 22 3a 22 65 73 22 2c 22 6e 6c 22 3a 22 6e 6c 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66 61 6c 73 65 2c 22 44 65 66 61 75 6c 74 22 3a 66 61 6c 73 65 2c 22 47 6c 6f 62 61 6c 22 3a 66 61 6c 73 65 2c 22 54 79 70 65 22 3a 22 47 44 50 52 22 2c 22 55 73 65 47 6f 6f 67 6c 65 56 65 6e 64 6f 72 73 22 3a 66 61 6c 73 65 2c 22 56 61 72 69 61 6e 74 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 54 65 73 74 45 6e 64 54 69 6d 65 22 3a 6e 75 6c 6c 2c 22 56 61 72 69 61 6e 74 73 22 3a 5b 5d 2c 22 54 65 6d 70 6c 61 74 65 4e 61 6d 65 22 3a 22 43 43 6c 65 61 6e 65 72 20 e2 80 93 20 52 45 4a 45 43 54 20 41 4c 4c 20 e2 80 93 20 54 65 6d 70 6c 61 74 65 22 2c 22 43 6f 6e 64 69 74 69 6f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"CCleaner REJECT ALL Template","Conditio
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC1369INData Raw: 22 6d 79 22 2c 22 6d 7a 22 2c 22 6e 61 22 2c 22 6e 63 22 2c 22 6e 65 22 2c 22 6e 66 22 2c 22 6e 67 22 2c 22 6e 69 22 2c 22 6e 70 22 2c 22 6e 72 22 2c 22 6e 75 22 2c 22 6e 7a 22 2c 22 6f 6d 22 2c 22 70 61 22 2c 22 70 65 22 2c 22 70 66 22 2c 22 70 67 22 2c 22 70 68 22 2c 22 70 6b 22 2c 22 70 6d 22 2c 22 70 6e 22 5d 2c 22 53 74 61 74 65 73 22 3a 7b 7d 2c 22 4c 61 6e 67 75 61 67 65 53 77 69 74 63 68 65 72 50 6c 61 63 65 68 6f 6c 64 65 72 22 3a 7b 22 64 65 22 3a 22 64 65 22 2c 22 64 65 66 61 75 6c 74 22 3a 22 65 6e 22 2c 22 72 75 22 3a 22 72 75 22 2c 22 70 74 22 3a 22 70 74 22 2c 22 69 74 22 3a 22 69 74 22 2c 22 66 72 22 3a 22 66 72 22 2c 22 65 73 22 3a 22 65 73 22 2c 22 6e 6c 22 3a 22 6e 6c 22 7d 2c 22 42 61 6e 6e 65 72 50 75 73 68 65 73 44 6f 77 6e 22 3a 66
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: "my","mz","na","nc","ne","nf","ng","ni","np","nr","nu","nz","om","pa","pe","pf","pg","ph","pk","pm","pn"],"States":{},"LanguageSwitcherPlaceholder":{"de":"de","default":"en","ru":"ru","pt":"pt","it":"it","fr":"fr","es":"es","nl":"nl"},"BannerPushesDown":f
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC1369INData Raw: 6e 73 65 6e 74 53 63 72 65 65 6e 22 3a 22 31 22 2c 22 63 6f 6e 73 65 6e 74 4c 61 6e 67 75 61 67 65 22 3a 6e 75 6c 6c 2c 22 76 65 6e 64 6f 72 4c 69 73 74 56 65 72 73 69 6f 6e 22 3a 30 2c 22 6d 61 78 56 65 6e 64 6f 72 49 64 22 3a 30 2c 22 65 6e 63 6f 64 69 6e 67 54 79 70 65 22 3a 22 30 22 2c 22 67 6c 6f 62 61 6c 56 65 6e 64 6f 72 4c 69 73 74 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 63 64 6e 2e 63 6f 6f 6b 69 65 6c 61 77 2e 6f 72 67 2f 76 65 6e 64 6f 72 6c 69 73 74 2f 69 61 62 44 61 74 61 2e 6a 73 6f 6e 22 7d 2c 22 49 61 62 56 32 44 61 74 61 22 3a 7b 22 63 6f 6f 6b 69 65 56 65 72 73 69 6f 6e 22 3a 22 31 22 2c 22 63 72 65 61 74 65 64 54 69 6d 65 22 3a 22 32 30 32 34 2d 30 38 2d 31 33 54 31 34 3a 33 30 3a 31 39 2e 35 35 39 35 34 32 35 38 34 22 2c 22 75 70 64
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: nsentScreen":"1","consentLanguage":null,"vendorListVersion":0,"maxVendorId":0,"encodingType":"0","globalVendorListUrl":"https://cdn.cookielaw.org/vendorlist/iabData.json"},"IabV2Data":{"cookieVersion":"1","createdTime":"2024-08-13T14:30:19.559542584","upd
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC455INData Raw: 70 72 65 73 73 42 61 6e 6e 65 72 22 3a 66 61 6c 73 65 2c 22 49 73 53 75 70 70 72 65 73 73 50 43 22 3a 66 61 6c 73 65 2c 22 50 75 62 6c 69 73 68 65 72 43 43 22 3a 22 44 45 22 2c 22 44 6f 6d 61 69 6e 22 3a 22 63 63 6c 65 61 6e 65 72 2e 63 6f 6d 22 2c 22 54 65 6e 61 6e 74 47 75 69 64 22 3a 22 38 66 66 35 63 64 35 31 2d 30 31 66 30 2d 34 30 37 36 2d 61 30 32 31 2d 37 61 63 36 66 30 62 39 64 66 32 65 22 2c 22 45 6e 76 49 64 22 3a 22 61 70 70 2d 64 65 2d 70 72 6f 64 22 2c 22 52 65 6d 6f 74 65 41 63 74 69 6f 6e 73 45 6e 61 62 6c 65 64 22 3a 66 61 6c 73 65 2c 22 47 65 6f 52 75 6c 65 47 72 6f 75 70 4e 61 6d 65 22 3a 22 43 43 6c 65 61 6e 65 72 20 43 6f 6e 73 65 6e 74 20 50 6f 6c 69 63 79 22 2c 22 47 41 54 72 61 63 6b 54 6f 67 67 6c 65 22 3a 66 61 6c 73 65 2c 22 47
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: pressBanner":false,"IsSuppressPC":false,"PublisherCC":"DE","Domain":"ccleaner.com","TenantGuid":"8ff5cd51-01f0-4076-a021-7ac6f0b9df2e","EnvId":"app-de-prod","RemoteActionsEnabled":false,"GeoRuleGroupName":"CCleaner Consent Policy","GATrackToggle":false,"G
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: 0


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                138192.168.2.549900172.64.155.1194436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC599OUTGET /cookieconsentpub/v1/geo/location HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                                                                accept: application/json
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                                                                Origin: https://www.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Referer: https://www.ccleaner.com/
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC370INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/json
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 69
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Headers: Content-Type
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Methods: GET, OPTIONS
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                CF-RAY: 8e78fadf184743f8-EWR
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC69INData Raw: 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 4e 59 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: {"country":"US","state":"NY","stateName":"New York","continent":"NA"}


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                139192.168.2.54989713.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC192OUTGET /rules/rule702801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1391
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF58DC7E"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: c1e9356c-301e-0099-2920-3d6683000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111514Z-178bfbc474bfw4gbhC1NYCunf400000005sg00000000c6xn
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC1391INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                140192.168.2.54989813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC192OUTGET /rules/rule702800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:14 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1354
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:45 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE0662D7C"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: dd43f91c-901e-005b-7e7f-3b2005000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111514Z-174c587ffdf59vqchC1TEByk6800000004d000000000gc20
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC1354INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 32 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 44 58 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 44 58 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="702800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.SDX" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSDX" S="Medium" /> <F T="2"> <O


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                141192.168.2.54990113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:14 UTC192OUTGET /rules/rule703351v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:15 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1403
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:39 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDCDD6400"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 6b735921-c01e-0066-37ca-3ba1ec000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111515Z-174c587ffdfb485jhC1TEBmc1s000000044000000000df95
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703351" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                142192.168.2.54990934.117.223.2234432992C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC164OUTPOST /receive3 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-enc-sb
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Avast Antivirus
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 306
                                                                                                                                                                                                                                                                                                                                                                                Host: analytics.avcdn.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:15 UTC306OUTData Raw: 0a af 02 0a 68 42 40 31 46 32 43 43 41 44 33 38 31 32 36 35 36 43 34 39 33 30 36 30 38 33 33 37 43 34 46 42 34 41 35 44 41 39 32 30 32 44 45 31 37 41 46 35 36 35 36 34 37 37 30 32 41 38 33 45 33 46 43 46 33 42 30 4a 24 61 61 32 63 38 36 61 61 2d 37 66 63 35 2d 34 63 38 65 2d 61 36 39 64 2d 31 39 61 37 64 62 63 30 62 37 32 61 12 6f 0a 03 3b 03 01 10 ae ab 98 f4 0c 28 d7 04 5a 5d 0a 18 53 6d 61 72 74 43 6c 65 61 6e 3a 42 72 6f 77 73 65 72 41 6c 65 72 74 73 12 0a 41 63 74 69 76 61 74 69 6f 6e 1a 03 6f 66 66 20 00 28 01 32 0a 08 d0 e5 8a ba 06 10 02 18 00 42 09 08 00 10 00 1a 03 31 2d 61 4a 15 6d 6d 6d 5f 63 63 6c 5f 30 31 32 5f 39 39 39 5f 61 38 6b 5f 6d 60 01 22 46 12 0a 36 2e 33 30 2e 31 31 33 38 35 18 01 22 2f 31 30 2e 30 20 28 42 75 69 6c 64 20 31 39 30
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: hB@1F2CCAD3812656C4930608337C4FB4A5DA9202DE17AF565647702A83E3FCF3B0J$aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72ao;(Z]SmartClean:BrowserAlertsActivationoff (2B1-aJmmm_ccl_012_999_a8k_m`"F6.30.11385"/10.0 (Build 190
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC255INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Server: nginx
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:16 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 24
                                                                                                                                                                                                                                                                                                                                                                                X-ASW-Receiver-Ack: processed
                                                                                                                                                                                                                                                                                                                                                                                Via: 1.1 google
                                                                                                                                                                                                                                                                                                                                                                                Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC24INData Raw: 52 65 63 65 69 76 65 72 2d 41 63 6b 3a 20 70 72 6f 63 65 73 73 65 64 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: Receiver-Ack: processed


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                143192.168.2.54991054.229.91.1924436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC719OUTGET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=67C716D751E567F70A490D4C%40AdobeOrg&d_nsid=0&ts=1732446913141 HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: dpm.demdex.net
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                                                                                sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/x-www-form-urlencoded
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Origin: https://www.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Referer: https://www.ccleaner.com/
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC821INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:16 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: application/json;charset=utf-8
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 367
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                X-TID: 8qA8zxkbSFY=
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
                                                                                                                                                                                                                                                                                                                                                                                Pragma: no-cache
                                                                                                                                                                                                                                                                                                                                                                                Expires: Thu, 01 Jan 1970 00:00:00 UTC
                                                                                                                                                                                                                                                                                                                                                                                P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Origin: https://www.ccleaner.com
                                                                                                                                                                                                                                                                                                                                                                                Vary: Origin
                                                                                                                                                                                                                                                                                                                                                                                Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                                                                                                                DCS: dcs-prod-irl1-2-v069-0b0020d8d.edge-irl1.demdex.com 2 ms
                                                                                                                                                                                                                                                                                                                                                                                set-cookie: demdex=87069833943671932313219418043970534423; Max-Age=15552000; Expires=Fri, 23 May 2025 11:15:16 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC367INData Raw: 7b 22 64 5f 6d 69 64 22 3a 22 38 36 39 31 35 30 39 38 31 36 31 36 31 33 38 39 36 33 30 33 32 33 35 34 36 39 39 33 39 31 31 32 32 32 36 39 38 32 22 2c 22 69 64 5f 73 79 6e 63 5f 74 74 6c 22 3a 36 30 34 38 30 30 2c 22 64 5f 62 6c 6f 62 22 3a 22 36 47 31 79 6e 59 63 4c 50 75 69 51 78 59 5a 72 73 7a 5f 70 6b 71 66 4c 47 39 79 4d 58 42 70 62 32 7a 58 35 64 76 4a 64 59 51 4a 7a 50 58 49 6d 64 6a 30 79 22 2c 22 64 63 73 5f 72 65 67 69 6f 6e 22 3a 36 2c 22 64 5f 6f 74 74 6c 22 3a 37 32 30 30 2c 22 69 62 73 22 3a 5b 7b 22 69 64 22 3a 22 34 31 31 22 2c 22 74 74 6c 22 3a 31 30 30 38 30 2c 22 74 61 67 22 3a 22 69 6d 67 22 2c 22 66 69 72 65 55 52 4c 53 79 6e 63 22 3a 31 2c 22 73 79 6e 63 4f 6e 50 61 67 65 22 3a 31 2c 22 75 72 6c 22 3a 5b 22 2f 2f 63 6d 2e 65 76 65 72
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: {"d_mid":"86915098161613896303235469939112226982","id_sync_ttl":604800,"d_blob":"6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y","dcs_region":6,"d_ottl":7200,"ibs":[{"id":"411","ttl":10080,"tag":"img","fireURLSync":1,"syncOnPage":1,"url":["//cm.ever


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                144192.168.2.54990613.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC192OUTGET /rules/rule703350v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:16 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1366
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:42 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF1E2608"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ccc9fd57-201e-0096-041b-3dace6000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111516Z-178bfbc474bv7whqhC1NYC1fg400000005y0000000003q05
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 33 35 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 63 72 69 70 74 4c 61 62 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 63 72 69 70 74 4c 61 62 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703350" V="0" DC="SM" EN="Office.Telemetry.Event.Office.ScriptLab" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenScriptLab" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                145192.168.2.54990813.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC192OUTGET /rules/rule703501v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:16 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1399
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:59 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BE8C605FF"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 34c66101-001e-0065-5256-3d0b73000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111516Z-15b8b599d889gj5whC1TEBfyk0000000044000000000cgs6
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC1399INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 31 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703501" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSa


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                                                                                146192.168.2.549917104.18.32.1374436948C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC380OUTGET /cookieconsentpub/v1/geo/location HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Host: geolocation.onetrust.com
                                                                                                                                                                                                                                                                                                                                                                                Connection: keep-alive
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                                                                                                                Accept: */*
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                                                                                                                Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                                                                                Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC249INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:16 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/javascript
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 80
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                                                                                Server: cloudflare
                                                                                                                                                                                                                                                                                                                                                                                CF-RAY: 8e78faeece254238-EWR
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC80INData Raw: 6a 73 6f 6e 46 65 65 64 28 7b 22 63 6f 75 6e 74 72 79 22 3a 22 55 53 22 2c 22 73 74 61 74 65 22 3a 22 4e 59 22 2c 22 73 74 61 74 65 4e 61 6d 65 22 3a 22 4e 65 77 20 59 6f 72 6b 22 2c 22 63 6f 6e 74 69 6e 65 6e 74 22 3a 22 4e 41 22 7d 29 3b
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: jsonFeed({"country":"US","state":"NY","stateName":"New York","continent":"NA"});


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                147192.168.2.54991113.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC192OUTGET /rules/rule703500v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1362
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:43 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDF497570"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: ff0b0d52-c01e-002b-2681-3b6e00000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111517Z-174c587ffdfgcs66hC1TEB69cs000000046g000000009wbu
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC1362INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 33 35 30 30 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 53 61 6e 64 62 6f 78 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 53 61 6e 64 62 6f 78 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32 22 3e 0d 0a
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="703500" V="0" DC="SM" EN="Office.Telemetry.Event.Office.Sandbox" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenSandbox" S="Medium" /> <F T="2">


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                148192.168.2.54991213.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:16 UTC192OUTGET /rules/rule701801v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1403
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:27:38 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BDC2EEE03"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: f909f157-c01e-0049-018c-3aac27000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111517Z-174c587ffdftv9hphC1TEBm29w000000047g00000000csq7
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC1403INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 31 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 2e 43 72 69 74 69 63 61 6c 22 20 53 50 3d 22 43 72 69 74 69 63 61 6c 42 75 73 69 6e 65 73 73 49 6d 70 61 63 74 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701801" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources.Critical" SP="CriticalBusinessImpact" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantToken


                                                                                                                                                                                                                                                                                                                                                                                Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                                                                                149192.168.2.54991413.107.246.63443
                                                                                                                                                                                                                                                                                                                                                                                TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC192OUTGET /rules/rule701800v1s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                                                                                                                Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                                                                                Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                                                                                                                User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                                                                                                                Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC494INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                                                                                Date: Sun, 24 Nov 2024 11:15:17 GMT
                                                                                                                                                                                                                                                                                                                                                                                Content-Type: text/xml
                                                                                                                                                                                                                                                                                                                                                                                Content-Length: 1366
                                                                                                                                                                                                                                                                                                                                                                                Connection: close
                                                                                                                                                                                                                                                                                                                                                                                Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                                                                                                                Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                                                                                                                Last-Modified: Tue, 09 Apr 2024 00:28:01 GMT
                                                                                                                                                                                                                                                                                                                                                                                ETag: "0x8DC582BEA414B16"
                                                                                                                                                                                                                                                                                                                                                                                x-ms-request-id: 7b3b97af-701e-003e-795c-3d79b3000000
                                                                                                                                                                                                                                                                                                                                                                                x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                                                                                                                x-azure-ref: 20241124T111517Z-178bfbc474bpnd5vhC1NYC4vr400000005t000000000aeaq
                                                                                                                                                                                                                                                                                                                                                                                x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                                                                                                                X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                                                                                                                Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                                                                                2024-11-24 11:15:17 UTC1366INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 37 30 31 38 30 30 22 20 56 3d 22 31 22 20 44 43 3d 22 53 4d 22 20 45 4e 3d 22 4f 66 66 69 63 65 2e 54 65 6c 65 6d 65 74 72 79 2e 45 76 65 6e 74 2e 4f 66 66 69 63 65 2e 52 65 73 6f 75 72 63 65 73 22 20 44 4c 3d 22 41 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 52 49 53 3e 0d 0a 20 20 20 20 3c 52 49 20 4e 3d 22 45 76 65 6e 74 22 20 2f 3e 0d 0a 20 20 3c 2f 52 49 53 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 55 43 53 53 20 54 3d 22 31 22 20 43 3d 22 4e 65 78 75 73 54 65 6e 61 6e 74 54 6f 6b 65 6e 52 65 73 6f 75 72 63 65 73 22 20 53 3d 22 4d 65 64 69 75 6d 22 20 2f 3e 0d 0a 20 20 20 20 3c 46 20 54 3d 22 32
                                                                                                                                                                                                                                                                                                                                                                                Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="701800" V="1" DC="SM" EN="Office.Telemetry.Event.Office.Resources" DL="A" xmlns=""> <RIS> <RI N="Event" /> </RIS> <S> <UCSS T="1" C="NexusTenantTokenResources" S="Medium" /> <F T="2


                                                                                                                                                                                                                                                                                                                                                                                Statistics

                                                                                                                                                                                                                                                                                                                                                                                CPU Usage

                                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                Memory Usage

                                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                                                                                Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                                                                                Behavior

                                                                                                                                                                                                                                                                                                                                                                                Click to jump to process

                                                                                                                                                                                                                                                                                                                                                                                System Behavior

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:0
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:04
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Users\user\Desktop\lw2HMxuVuf.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Users\user\Desktop\lw2HMxuVuf.exe"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                                                                                File size:86'349'752 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:D12D2A0F8909A768683F6C548205E955
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:5
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:49
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner64.exe" /createSkipUAC
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:7
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:49
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCUpdate.exe" /reg
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x9b0000
                                                                                                                                                                                                                                                                                                                                                                                File size:829'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:943A4F169E9A3303ED6DEFC1AC3690BD
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:8
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:51
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCUpdate.exe"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x9b0000
                                                                                                                                                                                                                                                                                                                                                                                File size:829'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:943A4F169E9A3303ED6DEFC1AC3690BD
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:9
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleanerCrashDump.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 1272 --exception_ptr 0000007E054FD2C0 --thread_id 5744 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570364458760i-unhandled.mdmp" --comment "" --min_interval 60
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff669ef0000
                                                                                                                                                                                                                                                                                                                                                                                File size:3'509'552 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:A27D2E703C03AB74FE3CC5AF08365317
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:10
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:11
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleanerBugReport.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleanerBugReport.exe" --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "aa2c86aa-7fc5-4c8e-a69d-19a7dbc0b72a" --version "6.30.11385" --silent
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff661490000
                                                                                                                                                                                                                                                                                                                                                                                File size:5'983'536 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0CD1F5CAD7DFED152434BD6CDA8D5094
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:12
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:13
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:54
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" 0
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x320000
                                                                                                                                                                                                                                                                                                                                                                                File size:39'135'536 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:A2EE8E9ACC0C8F79953A42B213A9C201
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:14
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:55
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" 0
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Yara matches:
                                                                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 0000000E.00000003.2795690252.000001479DB6B000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                                                • Rule: JoeSecurity_AntiVM_3, Description: Yara detected AntiVM_3, Source: 0000000E.00000003.2789770376.000001479CAF6000.00000004.00000020.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:15
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:56
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://www.ccleaner.com/go/app_releasenotes?p=1&v=&l=1033&b=1&a=0
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                                                                                                File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:16
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:56
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7e52b0000
                                                                                                                                                                                                                                                                                                                                                                                File size:55'320 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:17
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:57
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner64.exe"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:18
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:57
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2096 --field-trial-handle=2004,i,4752939339511443600,2295827606538063107,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff715980000
                                                                                                                                                                                                                                                                                                                                                                                File size:3'242'272 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:high
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:19
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:14:57
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:CCUpdate.exe /emupdater /applydll "C:\Program Files\CCleaner\Setup\92a778af-76d6-4186-8535-ae66d08f623f.dll"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff757150000
                                                                                                                                                                                                                                                                                                                                                                                File size:829'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:943A4F169E9A3303ED6DEFC1AC3690BD
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:20
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:16
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner64.exe" /monitor
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:low
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:21
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:17
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\wbem\unsecapp.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\wbem\unsecapp.exe -Embedding
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff700b00000
                                                                                                                                                                                                                                                                                                                                                                                File size:54'272 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:9B782B1E1D7A2C28302755F963EAC907
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Reputation:moderate
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:22
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:18
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:--pid=3276
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x5f0000
                                                                                                                                                                                                                                                                                                                                                                                File size:2'296'624 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:309BD294516051E34072A29FF7D96137
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:23
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:18
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:25
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:24
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff63c3b0000
                                                                                                                                                                                                                                                                                                                                                                                File size:1'087'792 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:8D317E02B420A30BAF4CE55B2A2D9091
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Has exited:false

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:27
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:31
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\wa_3rd_party_host_32.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:--pid=2992
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x5f0000
                                                                                                                                                                                                                                                                                                                                                                                File size:2'296'624 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:309BD294516051E34072A29FF7D96137
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:28
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:32
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:29
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:40
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:--pid=3276
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff76ce40000
                                                                                                                                                                                                                                                                                                                                                                                File size:2'892'080 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0E11E9D3C16F6B0F59EC10488A36A415
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Antivirus matches:
                                                                                                                                                                                                                                                                                                                                                                                • Detection: 0%, ReversingLabs
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:30
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:40
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:31
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:41
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:32
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:42
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x320000
                                                                                                                                                                                                                                                                                                                                                                                File size:39'135'536 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:A2EE8E9ACC0C8F79953A42B213A9C201
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:34
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:43
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:35
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:45
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSBBCA.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSBBCB.tmp""
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7514c0000
                                                                                                                                                                                                                                                                                                                                                                                File size:289'792 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:36
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:45
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:37
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:46
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                                                                                                                                File size:452'608 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:38
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:46
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\wa_3rd_party_host_64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:--pid=2992
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff76ce40000
                                                                                                                                                                                                                                                                                                                                                                                File size:2'892'080 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0E11E9D3C16F6B0F59EC10488A36A415
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:39
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:47
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:40
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:50
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\cmd.exe /S /C ""C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription" > "C:\Users\user\AppData\Local\Temp\OPSD146.tmp" 2> "C:\Users\user\AppData\Local\Temp\OPSD147.tmp""
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7514c0000
                                                                                                                                                                                                                                                                                                                                                                                File size:289'792 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:41
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:50
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:42
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:51
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" -noprofile -ExecutionPolicy Bypass "(Get-ItemProperty 'C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe').VersionInfo.FileDescription"
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7be880000
                                                                                                                                                                                                                                                                                                                                                                                File size:452'608 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:43
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:52
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:44
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x320000
                                                                                                                                                                                                                                                                                                                                                                                File size:39'135'536 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:A2EE8E9ACC0C8F79953A42B213A9C201
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:45
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:53
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleaner64.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff7d5e10000
                                                                                                                                                                                                                                                                                                                                                                                File size:45'359'408 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:2C06EA7AA9BB892D84ADD917952FA262
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:47
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:56
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Program Files\CCleaner\CCleanerCrashDump.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:"C:\Program Files\CCleaner\CCleanerCrashDump.exe" --pid 7236 --exception_ptr 0000005CCC9FD640 --thread_id 8100 --dump_level 21 --dump_file "C:\Program Files\CCleaner\LOG\unp31145570997760611i-unhandled.mdmp" --comment "" --min_interval 60
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff669ef0000
                                                                                                                                                                                                                                                                                                                                                                                File size:3'509'552 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:A27D2E703C03AB74FE3CC5AF08365317
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                General

                                                                                                                                                                                                                                                                                                                                                                                Target ID:48
                                                                                                                                                                                                                                                                                                                                                                                Start time:06:15:56
                                                                                                                                                                                                                                                                                                                                                                                Start date:24/11/2024
                                                                                                                                                                                                                                                                                                                                                                                Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                                                                                Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                                                                                Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                                                                                Imagebase:0x7ff6d64d0000
                                                                                                                                                                                                                                                                                                                                                                                File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                                                                                MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                                                                                Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                                                                                Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                                                                                Has exited:true

                                                                                                                                                                                                                                                                                                                                                                                Disassembly

                                                                                                                                                                                                                                                                                                                                                                                Reset < >

                                                                                                                                                                                                                                                                                                                                                                                  Execution Graph

                                                                                                                                                                                                                                                                                                                                                                                  Execution Coverage:47.5%
                                                                                                                                                                                                                                                                                                                                                                                  Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                                                                                  Signature Coverage:8.1%
                                                                                                                                                                                                                                                                                                                                                                                  Total number of Nodes:517
                                                                                                                                                                                                                                                                                                                                                                                  Total number of Limit Nodes:18
                                                                                                                                                                                                                                                                                                                                                                                  execution_graph 3392 6b73e250 3395 6b72e900 3392->3395 3394 6b73e26b 3398 6b72e4e0 3395->3398 3397 6b72e93f 3397->3394 3400 6b72e539 3398->3400 3399 6b72e860 3400->3399 3405 6b74a280 3400->3405 3402 6b72e5b3 3403 6b72e830 __Mtx_unlock 3402->3403 3404 6b72e85a 3403->3404 3404->3397 3406 6b74a2ed 3405->3406 3407 6b74a2f8 GetModuleHandleW GetProcAddress 3406->3407 3408 6b74a87a 3406->3408 3409 6b74a331 3407->3409 3410 6b74a3dc 3409->3410 3417 6b74a4f7 3409->3417 3411 6b74a990 94 API calls 3410->3411 3412 6b74a471 3411->3412 3413 6b74a4e2 __Mtx_unlock 3412->3413 3415 6b74a85a 3413->3415 3414 6b74a84e __Mtx_unlock 3414->3415 3415->3402 3418 6b74a74a 3417->3418 3419 6b74a990 3417->3419 3418->3414 3420 6b74a9c3 3419->3420 3421 6b74a9fb 3419->3421 3443 6b7342d0 3420->3443 3447 6b734830 3420->3447 3450 6b74b5e0 3420->3450 3453 6b74b740 3420->3453 3456 6b74ba00 3420->3456 3459 6b734200 3420->3459 3462 6b735080 3420->3462 3465 6b734080 3420->3465 3468 6b734700 3420->3468 3471 6b7344a0 3420->3471 3474 6b734900 3420->3474 3477 6b74b950 3420->3477 3480 6b74b530 3420->3480 3483 6b74bc10 3420->3483 3486 6b74b7f0 3420->3486 3489 6b74b690 3420->3489 3492 6b7349b0 3420->3492 3495 6b7343f0 3420->3495 3498 6b734550 3420->3498 3501 6b7347b0 3420->3501 3421->3417 3422 6b74a9d7 3422->3417 3444 6b7a92c0 3443->3444 3445 6b73431b CallNtPowerInformation 3444->3445 3446 6b734334 3445->3446 3446->3422 3504 6b72d430 3447->3504 3449 6b734870 3449->3422 3538 6b749cf0 3450->3538 3452 6b74b619 3452->3422 3548 6b749a70 3453->3548 3455 6b74b779 3455->3422 3551 6b749570 3456->3551 3458 6b74ba39 3458->3422 3554 6b736c50 3459->3554 3461 6b734240 3461->3422 3583 6b72d0c0 3462->3583 3464 6b7350bc 3464->3422 3466 6b78ee80 5 API calls 3465->3466 3467 6b7340ff 3466->3467 3467->3422 3710 6b72d670 3468->3710 3470 6b734739 3470->3422 3738 6b72d740 3471->3738 3473 6b7344d9 3473->3422 3778 6b72d340 3474->3778 3476 6b734939 3476->3422 3825 6b7496b0 3477->3825 3479 6b74b989 3479->3422 3828 6b749e30 3480->3828 3482 6b74b569 3482->3422 3831 6b749230 GetDiskFreeSpaceExW 3483->3831 3485 6b74bc49 3485->3422 3833 6b749930 3486->3833 3488 6b74b829 3488->3422 3836 6b749bb0 3489->3836 3491 6b74b6c9 3491->3422 3839 6b72d250 3492->3839 3494 6b7349e9 3494->3422 3849 6b72da20 CallNtPowerInformation 3495->3849 3497 6b734429 3497->3422 3499 6b78fbf0 8 API calls 3498->3499 3500 6b7345aa 3499->3500 3500->3422 3851 6b736250 3501->3851 3503 6b7347e2 3503->3422 3507 6b72d484 3504->3507 3508 6b72d622 3504->3508 3507->3508 3509 6b78ee80 3507->3509 3519 6b78f920 3507->3519 3508->3449 3510 6b78eecf 3509->3510 3511 6b78eec0 SetLastError 3509->3511 3512 6b78ef09 RegOpenKeyExW 3510->3512 3518 6b78ef32 3510->3518 3516 6b78f099 3511->3516 3513 6b78ef1f SetLastError 3512->3513 3512->3518 3513->3516 3514 6b78ef60 RegEnumKeyExW 3515 6b78f087 3514->3515 3514->3518 3517 6b78f089 SetLastError 3515->3517 3516->3507 3517->3516 3518->3514 3518->3517 3526 6b78f420 3519->3526 3521 6b78f993 3522 6b78f9ab GetLastError 3521->3522 3523 6b78f99a 3521->3523 3522->3523 3524 6b78f9bb SetLastError 3523->3524 3525 6b78f9de 3524->3525 3525->3507 3527 6b78f46f SetLastError 3526->3527 3530 6b78f47e 3526->3530 3528 6b78f65e 3527->3528 3528->3521 3529 6b78f4f1 RegQueryValueExW 3536 6b78f586 3529->3536 3537 6b78f533 3529->3537 3530->3529 3531 6b78f4c2 RegOpenKeyExW 3530->3531 3531->3529 3533 6b78f4e3 SetLastError 3531->3533 3533->3528 3534 6b78f5d7 RegQueryValueExW 3534->3536 3534->3537 3535 6b78f652 SetLastError 3535->3528 3536->3534 3536->3537 3537->3535 3541 6b78fcd0 3538->3541 3540 6b749d50 3540->3452 3542 6b78f420 6 API calls 3541->3542 3543 6b78fd43 3542->3543 3544 6b78fd72 GetLastError 3543->3544 3545 6b78fd4a 3543->3545 3544->3545 3546 6b78fd82 SetLastError 3545->3546 3547 6b78fda5 3546->3547 3547->3540 3549 6b78fcd0 8 API calls 3548->3549 3550 6b749ad0 3549->3550 3550->3455 3552 6b78fcd0 8 API calls 3551->3552 3553 6b7495d0 3552->3553 3553->3458 3557 6b73f550 3554->3557 3556 6b736c80 3556->3461 3560 6b73f59a 3557->3560 3558 6b73f5d5 3558->3556 3560->3558 3561 6b7698b0 3560->3561 3562 6b7698e6 3561->3562 3567 6b769940 3562->3567 3564 6b7698f7 3571 6b78d9c0 SetLastError 3564->3571 3566 6b769909 3566->3560 3568 6b769984 3567->3568 3573 6b769a60 3568->3573 3570 6b76999c 3570->3564 3572 6b78da12 3571->3572 3572->3566 3574 6b769ad2 3573->3574 3576 6b769ac8 3573->3576 3575 6b76c080 9 API calls 3574->3575 3575->3576 3577 6b78f920 8 API calls 3576->3577 3578 6b769b4a 3577->3578 3579 6b769ba4 3578->3579 3580 6b76c080 9 API calls 3578->3580 3582 6b769b62 3578->3582 3581 6b78e2c0 17 API calls 3579->3581 3580->3579 3581->3582 3582->3570 3584 6b72d1e4 3583->3584 3586 6b72d103 3583->3586 3584->3464 3586->3584 3589 6b74c060 EnterCriticalSection 3586->3589 3587 6b72d1a0 wsprintfW 3588 6b72d198 3587->3588 3588->3584 3588->3587 3588->3588 3592 6b74c0c8 3589->3592 3596 6b74c0a6 3589->3596 3590 6b74c9eb LeaveCriticalSection 3591 6b74ca0f 3590->3591 3591->3588 3597 6b74dfe0 3592->3597 3594 6b74c3db 3610 6b74e050 GetVersion 3594->3610 3596->3590 3598 6b74e000 3597->3598 3599 6b74dff0 3597->3599 3636 6b74cd00 3598->3636 3599->3594 3601 6b74e009 3651 6b74cfd0 GetVersion 3601->3651 3603 6b74e023 3664 6b74d340 3603->3664 3605 6b74e02d 3678 6b74d740 3605->3678 3607 6b74e037 3692 6b74dac0 3607->3692 3609 6b74e041 3609->3594 3611 6b74e0d1 3610->3611 3612 6b74e0c9 3610->3612 3613 6b74e1b0 GetModuleHandleW GetProcAddress 3611->3613 3614 6b74e0df GetModuleHandleW GetProcAddress 3611->3614 3618 6b7b9d30 2 API calls 3612->3618 3615 6b74e355 3613->3615 3616 6b74e1ee 3613->3616 3614->3612 3617 6b74e100 GetSystemFirmwareTable 3614->3617 3620 6b74e415 CloseHandle 3615->3620 3621 6b74e41c 3615->3621 3616->3615 3627 6b74e234 MapViewOfFile 3616->3627 3617->3612 3629 6b74e120 3617->3629 3619 6b74e719 3618->3619 3623 6b7b9d30 2 API calls 3619->3623 3620->3621 3635 6b74e17b 3621->3635 3624 6b74e721 3623->3624 3626 6b7b9d30 2 API calls 3624->3626 3625 6b74e704 UnmapViewOfFile 3625->3612 3628 6b74e729 3626->3628 3627->3615 3630 6b74e258 3627->3630 3628->3596 3629->3612 3631 6b74e171 GetSystemFirmwareTable 3629->3631 3630->3615 3632 6b74e2ea UnmapViewOfFile MapViewOfFile 3630->3632 3631->3612 3631->3635 3632->3615 3633 6b74e32f 3632->3633 3633->3615 3634 6b74e395 UnmapViewOfFile 3633->3634 3634->3615 3635->3612 3635->3625 3637 6b739310 3636->3637 3638 6b74cdb2 GetSystemDirectoryW 3637->3638 3639 6b74cdcd GetLastError 3638->3639 3640 6b74cdda 3638->3640 3642 6b74cf81 3639->3642 3641 6b74ce35 GetVolumePathNameW 3640->3641 3641->3639 3644 6b74ce5e 3641->3644 3642->3601 3643 6b74ceb9 GetVolumeNameForVolumeMountPointW 3643->3639 3645 6b74cee2 3643->3645 3644->3643 3646 6b74cf0b CreateFileW 3645->3646 3646->3639 3647 6b74cf48 DeviceIoControl 3646->3647 3648 6b74cf72 3647->3648 3649 6b74cf68 GetLastError 3647->3649 3650 6b74cf7a CloseHandle 3648->3650 3649->3650 3650->3642 3652 6b74d06c 3651->3652 3653 6b74d11f CreateFileW 3652->3653 3654 6b74d145 GetLastError 3653->3654 3657 6b74d154 3653->3657 3655 6b74d2fb 3654->3655 3707 6b7b9d30 3655->3707 3659 6b74d17f DeviceIoControl 3657->3659 3663 6b74d16a 3657->3663 3658 6b74d2f2 CloseHandle 3658->3655 3661 6b74d1a6 GetLastError 3659->3661 3662 6b74d1b3 3659->3662 3660 6b74d301 3660->3603 3661->3658 3662->3663 3663->3658 3663->3662 3665 6b74d3de 3664->3665 3668 6b74d3e8 3664->3668 3666 6b7b9d30 2 API calls 3665->3666 3667 6b74d706 3666->3667 3667->3605 3669 6b74d4cf CreateFileW 3668->3669 3670 6b74d508 DeviceIoControl 3669->3670 3671 6b74d4fb GetLastError 3669->3671 3672 6b74d528 GetLastError 3670->3672 3674 6b74d535 3670->3674 3671->3665 3673 6b74d6f2 CloseHandle 3672->3673 3673->3665 3675 6b74d583 DeviceIoControl 3674->3675 3677 6b74d53c 3674->3677 3675->3672 3676 6b74d5dc 3675->3676 3676->3677 3677->3673 3679 6b74d7df 3678->3679 3680 6b74d89f CreateFileW 3679->3680 3681 6b74d8c5 GetLastError 3680->3681 3682 6b74d8d2 DeviceIoControl 3680->3682 3683 6b74da7e 3681->3683 3684 6b74d8f2 GetLastError 3682->3684 3687 6b74d8ff 3682->3687 3685 6b7b9d30 2 API calls 3683->3685 3686 6b74da75 CloseHandle 3684->3686 3688 6b74da84 3685->3688 3686->3683 3689 6b74d92a DeviceIoControl 3687->3689 3691 6b74d915 3687->3691 3688->3607 3689->3684 3690 6b74d955 3689->3690 3690->3691 3691->3686 3693 6b74db3e 3692->3693 3694 6b74dbdd CreateFileW 3693->3694 3695 6b74dc03 GetLastError 3694->3695 3702 6b74dc11 3694->3702 3696 6b74de4d 3695->3696 3697 6b7b9d30 2 API calls 3696->3697 3698 6b74de53 3697->3698 3700 6b7b9d30 2 API calls 3698->3700 3699 6b74de44 CloseHandle 3699->3696 3701 6b74de5c 3700->3701 3701->3609 3703 6b74dcd8 DeviceIoControl 3702->3703 3706 6b74dc24 3702->3706 3704 6b74dd06 GetLastError 3703->3704 3705 6b74dd24 3703->3705 3704->3702 3704->3706 3705->3706 3706->3699 3708 6b7c55ff RtlFreeHeap GetLastError 3707->3708 3709 6b7b9d48 3708->3709 3709->3660 3715 6b75d790 3710->3715 3712 6b72d6b3 3713 6b78fcd0 8 API calls 3712->3713 3714 6b72d6d2 3713->3714 3714->3470 3716 6b75d7ce 3715->3716 3718 6b75d7f0 3715->3718 3716->3718 3719 6b76c080 3716->3719 3718->3712 3720 6b76c0e0 3719->3720 3721 6b76c0be 3719->3721 3720->3718 3721->3720 3723 6b76c3e0 3721->3723 3724 6b76c3ee 3723->3724 3725 6b76c3f3 3724->3725 3726 6b76c401 3724->3726 3731 6b76c420 3725->3731 3735 6b7a9c5e 3726->3735 3728 6b76c3f8 3728->3720 3730 6b76c419 3734 6b76c483 3731->3734 3732 6b78fbf0 8 API calls 3733 6b76ccc6 3732->3733 3733->3728 3734->3732 3736 6b7a9c78 3735->3736 3737 6b7a9ca5 KiUserExceptionDispatcher 3735->3737 3736->3737 3737->3730 3739 6b76c080 9 API calls 3738->3739 3740 6b72d7c4 3739->3740 3741 6b78f920 8 API calls 3740->3741 3742 6b72d7ec 3741->3742 3743 6b76c080 9 API calls 3742->3743 3762 6b72d7f3 3742->3762 3744 6b72d81b 3743->3744 3763 6b78fbf0 3744->3763 3745 6b78f2f0 4 API calls 3746 6b72d996 3745->3746 3749 6b78f2f0 4 API calls 3746->3749 3753 6b72d9b3 3746->3753 3748 6b72d83d 3750 6b76c080 9 API calls 3748->3750 3748->3762 3749->3753 3751 6b72d891 3750->3751 3770 6b78f2f0 3751->3770 3753->3473 3754 6b72d8b4 3755 6b72d8de 3754->3755 3757 6b76c080 9 API calls 3754->3757 3756 6b76c080 9 API calls 3755->3756 3755->3762 3758 6b72d92a 3756->3758 3759 6b72d8c0 3757->3759 3760 6b78f920 8 API calls 3758->3760 3761 6b78f2f0 4 API calls 3759->3761 3760->3762 3761->3755 3762->3745 3764 6b78f420 6 API calls 3763->3764 3765 6b78fc63 3764->3765 3766 6b78fc6a 3765->3766 3767 6b78fc8c GetLastError 3765->3767 3768 6b78fc9c SetLastError 3766->3768 3767->3766 3769 6b78fcbf 3768->3769 3769->3748 3771 6b78f33a 3770->3771 3772 6b78f32b SetLastError 3770->3772 3773 6b78f379 RegQueryInfoKeyW 3771->3773 3776 6b78f365 RegOpenKeyExW 3771->3776 3775 6b78f3a0 3772->3775 3774 6b78f399 3773->3774 3774->3775 3777 6b78f3a8 RegQueryValueExW 3774->3777 3775->3754 3776->3774 3777->3775 3779 6b72d38a 3778->3779 3784 6b730590 3779->3784 3781 6b72d393 3787 6b75ccd0 3781->3787 3782 6b72d3aa 3782->3476 3790 6b731260 3784->3790 3786 6b7305c0 3786->3781 3815 6b75ce00 3787->3815 3789 6b75cce0 3789->3782 3793 6b731430 3790->3793 3792 6b73129e 3792->3786 3794 6b7315b4 3793->3794 3796 6b731466 3793->3796 3795 6b7a9c5e KiUserExceptionDispatcher 3794->3795 3797 6b7315cf 3795->3797 3798 6b731491 3796->3798 3799 6b73155a 3796->3799 3805 6b731530 3796->3805 3806 6b731780 3798->3806 3800 6b73155e WaitForSingleObject 3799->3800 3799->3805 3800->3805 3803 6b7314d1 3809 6b78a720 3803->3809 3805->3792 3807 6b7318b0 7 API calls 3806->3807 3808 6b7314ba 3807->3808 3808->3794 3808->3803 3810 6b78a75a 3809->3810 3811 6b78a78d EnterCriticalSection 3810->3811 3814 6b78a7b8 3811->3814 3812 6b78a7d9 LeaveCriticalSection 3813 6b78a7f8 3812->3813 3813->3805 3814->3812 3817 6b75ce50 3815->3817 3816 6b78f920 8 API calls 3816->3817 3817->3816 3823 6b75d126 3817->3823 3824 6b75cea9 3817->3824 3818 6b75cf47 GetLastError 3818->3824 3819 6b75cf58 SetLastError 3819->3824 3820 6b78f420 6 API calls 3820->3824 3821 6b75d066 GetLastError 3821->3824 3822 6b75d077 SetLastError 3822->3824 3823->3789 3824->3818 3824->3819 3824->3820 3824->3821 3824->3822 3824->3823 3826 6b78fcd0 8 API calls 3825->3826 3827 6b749710 3826->3827 3827->3479 3829 6b78fcd0 8 API calls 3828->3829 3830 6b749e90 3829->3830 3830->3482 3832 6b74927e 3831->3832 3832->3485 3834 6b78fcd0 8 API calls 3833->3834 3835 6b749990 3834->3835 3835->3488 3837 6b78fcd0 8 API calls 3836->3837 3838 6b749c10 3837->3838 3838->3491 3840 6b72d29a 3839->3840 3841 6b730590 8 API calls 3840->3841 3842 6b72d2a3 3841->3842 3845 6b75cd00 3842->3845 3843 6b72d2b6 3843->3494 3848 6b75cd10 3845->3848 3846 6b78f2f0 SetLastError RegOpenKeyExW RegQueryInfoKeyW RegQueryValueExW 3846->3848 3847 6b75cd4f 3847->3843 3848->3846 3848->3847 3850 6b72da77 3849->3850 3850->3497 3854 6b7362d0 3851->3854 3852 6b78f920 8 API calls 3852->3854 3853 6b7363de 3853->3503 3854->3852 3854->3853 3855 6b73e080 3856 6b78f2f0 4 API calls 3855->3856 3857 6b73e0b4 3856->3857 3858 6b78f2f0 4 API calls 3857->3858 3859 6b73e137 3858->3859 3860 6b749f70 3861 6b78fcd0 8 API calls 3860->3861 3862 6b749fd0 3861->3862 3863 6b7c8668 3865 6b7c86a4 3863->3865 3866 6b7c8676 3863->3866 3864 6b7c8691 RtlAllocateHeap 3864->3865 3864->3866 3866->3864 3866->3865 3867 6b7758f0 3870 6b7796b0 3867->3870 3869 6b775902 3871 6b779733 3870->3871 3879 6b779790 3870->3879 3872 6b77976e __Mtx_unlock 3871->3872 3873 6b77975c __Cnd_signal 3871->3873 3877 6b77989b 3871->3877 3871->3879 3872->3879 3873->3872 3874 6b779828 DeleteCriticalSection 3875 6b776270 3874->3875 3876 6b77983a DeleteCriticalSection 3875->3876 3878 6b779851 3876->3878 3877->3869 3878->3869 3879->3874 3880 6b775fc0 3881 6b775fd2 3880->3881 3884 6b75cb60 3881->3884 3883 6b775fda 3885 6b75cba0 3884->3885 3886 6b75cbe9 3885->3886 3887 6b75cbcd Sleep 3885->3887 3886->3883 3887->3885 3887->3886 3888 6b78c380 3889 6b78c3c0 3888->3889 3890 6b78c3ca CreateFileW 3889->3890 3893 6b78c432 3889->3893 3894 6b78c402 Sleep 3889->3894 3891 6b78c412 3890->3891 3892 6b78c3f2 GetLastError 3890->3892 3892->3889 3892->3893 3895 6b7a9c5e KiUserExceptionDispatcher 3893->3895 3894->3889 3896 6b78c44e 3895->3896 3897 6b791e70 3898 6b791e79 ___security_init_cookie 3897->3898 3899 6b791e7e 3897->3899 3898->3899 3900 6b7956b0 3901 6b79585f 3900->3901 3902 6b7956f4 3900->3902 3910 6b7a9c5e KiUserExceptionDispatcher 3901->3910 3902->3901 3903 6b7956fb 3902->3903 3904 6b79577d 3902->3904 3905 6b7957f1 3902->3905 3912 6b794530 3903->3912 3908 6b794530 22 API calls 3904->3908 3906 6b794530 22 API calls 3905->3906 3909 6b795756 3906->3909 3908->3909 3911 6b7958b6 3910->3911 3913 6b79456e 3912->3913 3916 6b7945d0 3913->3916 3915 6b7945b5 3915->3909 3920 6b7946a4 3916->3920 3917 6b794743 WinHttpConnect 3918 6b79545a GetLastError 3917->3918 3919 6b794782 3917->3919 3947 6b79499b 3918->3947 3921 6b7947b3 3919->3921 3922 6b7947a6 WinHttpCloseHandle 3919->3922 3920->3917 3923 6b7947c9 WinHttpCloseHandle 3921->3923 3924 6b7947dc 3921->3924 3922->3921 3923->3924 3953 6b795c80 3924->3953 3926 6b79550f 3927 6b7a9c5e KiUserExceptionDispatcher 3926->3927 3928 6b795531 3927->3928 3929 6b7a9c5e KiUserExceptionDispatcher 3929->3926 3930 6b7947fe 3930->3926 3931 6b794932 WinHttpOpenRequest 3930->3931 3932 6b794973 GetLastError 3931->3932 3938 6b7949d9 3931->3938 3932->3947 3933 6b794cdb 3936 6b794dc0 _strftime 3933->3936 3949 6b794d6f 3933->3949 3934 6b794ee6 WinHttpSendRequest 3937 6b795417 GetLastError 3934->3937 3940 6b794f09 3934->3940 3935 6b794c84 WinHttpAddRequestHeaders 3935->3938 3939 6b794d94 GetLastError 3935->3939 3936->3949 3937->3947 3938->3933 3938->3935 3938->3947 3939->3947 3943 6b794f4f WinHttpQueryOption 3940->3943 3948 6b794f82 3940->3948 3941 6b795043 WinHttpReceiveResponse 3942 6b7953d4 GetLastError 3941->3942 3946 6b79505d 3941->3946 3942->3947 3943->3947 3943->3948 3944 6b7950bf WinHttpQueryHeaders 3945 6b7950fb GetLastError 3944->3945 3951 6b795142 3944->3951 3945->3947 3945->3951 3946->3944 3947->3929 3948->3928 3948->3941 3948->3947 3949->3934 3950 6b7952e5 WinHttpCloseHandle 3952 6b7952f2 3950->3952 3951->3950 3951->3952 3952->3915 3961 6b796800 3953->3961 3955 6b795cc7 3965 6b7932d0 3955->3965 3957 6b795cf1 3957->3930 3958 6b795cda 3958->3957 3959 6b7a9c5e KiUserExceptionDispatcher 3958->3959 3960 6b795d21 3959->3960 3962 6b796850 3961->3962 3963 6b7932d0 5 API calls 3962->3963 3964 6b7968ab 3963->3964 3964->3955 3966 6b793410 3965->3966 3968 6b793307 3965->3968 3967 6b7a9c5e KiUserExceptionDispatcher 3966->3967 3970 6b79342b 3967->3970 3969 6b7933a1 3968->3969 3971 6b79332d 3968->3971 3972 6b7933df 3968->3972 3969->3972 3973 6b7933a5 WaitForSingleObject 3969->3973 3974 6b7a9c5e KiUserExceptionDispatcher 3970->3974 3971->3970 3975 6b793357 3971->3975 3972->3958 3980 6b793383 3973->3980 3976 6b793446 3974->3976 3979 6b78a720 2 API calls 3975->3979 3977 6b7933bd CloseHandle 3978 6b7933dc 3977->3978 3978->3972 3979->3980 3980->3972 3980->3977 3981 6b794280 3982 6b7942bd 3981->3982 3983 6b79431e WinHttpOpen 3982->3983 3984 6b7943ee GetLastError 3983->3984 3986 6b79433b 3983->3986 3985 6b794403 3984->3985 3987 6b7a9c5e KiUserExceptionDispatcher 3985->3987 3988 6b794422 3987->3988 3989 6b79443e WinHttpCloseHandle 3988->3989 3992 6b794448 3988->3992 3989->3992 3990 6b79451e 3991 6b794515 WinHttpCloseHandle 3991->3990 3992->3990 3992->3991

                                                                                                                                                                                                                                                                                                                                                                                  Callgraph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Opacity -> Relevance
                                                                                                                                                                                                                                                                                                                                                                                  • Disassembly available
                                                                                                                                                                                                                                                                                                                                                                                  callgraph 0 Function_6B72D670 83 Function_6B78FCD0 0->83 111 Function_6B75D790 0->111 1 Function_6B73C470 18 Function_6B73C350 1->18 2 Function_6B749F70 2->83 3 Function_6B749A70 3->83 4 Function_6B749570 4->83 5 Function_6B78A870 6 Function_6B791E70 50 Function_6B791D20 6->50 7 Function_6B73C060 26 Function_6B784D50 7->26 8 Function_6B731260 36 Function_6B731430 8->36 72 Function_6B7A75F3 8->72 9 Function_6B7C8668 10 Function_6B74C060 22 Function_6B74E050 10->22 75 Function_6B74DFE0 10->75 11 Function_6B75CB60 12 Function_6B769A60 47 Function_6B78F920 12->47 93 Function_6B78E2C0 12->93 118 Function_6B76C080 12->118 13 Function_6B72D250 61 Function_6B75CD00 13->61 108 Function_6B730590 13->108 14 Function_6B732250 20 Function_6B735F50 14->20 15 Function_6B736250 15->47 16 Function_6B73E250 53 Function_6B72E900 16->53 17 Function_6B736C50 21 Function_6B73F550 17->21 89 Function_6B73C1C0 18->89 19 Function_6B734550 69 Function_6B78FBF0 19->69 101 Function_6B7698B0 21->101 42 Function_6B7B9D30 22->42 23 Function_6B74B950 100 Function_6B7496B0 23->100 24 Function_6B7A9C5E 25 Function_6B776050 25->24 46 Function_6B78A720 25->46 25->72 97 Function_6B733BB0 26->97 27 Function_6B72D340 81 Function_6B75CCD0 27->81 27->108 28 Function_6B72D740 28->47 28->69 70 Function_6B78F2F0 28->70 28->118 29 Function_6B74D340 29->42 30 Function_6B74D740 30->42 31 Function_6B74B740 31->3 32 Function_6B769940 32->12 33 Function_6B72D430 33->47 120 Function_6B78EE80 33->120 34 Function_6B731B30 34->26 35 Function_6B734830 35->33 36->24 36->46 36->72 116 Function_6B731780 36->116 37 Function_6B749930 37->83 38 Function_6B749E30 38->83 39 Function_6B749230 40 Function_6B74B530 40->38 41 Function_6B794530 84 Function_6B7945D0 41->84 65 Function_6B7C55FF 42->65 43 Function_6B72DA20 44 Function_6B75C220 44->24 44->46 44->72 45 Function_6B76C420 45->69 103 Function_6B78A4B0 46->103 48 Function_6B78F420 47->48 49 Function_6B791A20 49->49 78 Function_6B7920E0 49->78 87 Function_6B7BFCD1 49->87 112 Function_6B791B90 49->112 51 Function_6B74BC10 51->39 52 Function_6B794210 73 Function_6B72E4E0 53->73 54 Function_6B728700 54->52 55 Function_6B734900 55->27 56 Function_6B734200 56->17 57 Function_6B734700 57->0 58 Function_6B74CD00 59 Function_6B74BA00 59->4 60 Function_6B75CE00 60->47 60->48 61->70 62 Function_6B776000 62->25 63 Function_6B796800 85 Function_6B7932D0 63->85 64 Function_6B7343F0 64->43 66 Function_6B749CF0 66->83 67 Function_6B74B7F0 67->37 68 Function_6B7758F0 68->72 102 Function_6B7796B0 68->102 69->48 71 Function_6B791EF0 71->5 71->24 71->72 73->14 107 Function_6B732190 73->107 117 Function_6B74A280 73->117 74 Function_6B73C4E0 74->1 74->24 74->46 74->72 74->74 75->29 75->30 75->58 80 Function_6B74CFD0 75->80 91 Function_6B74DAC0 75->91 76 Function_6B74B5E0 76->66 77 Function_6B76C3E0 77->24 77->45 78->71 78->72 79 Function_6B7342D0 80->42 81->60 82 Function_6B75C1D0 82->44 83->48 84->24 122 Function_6B795C80 84->122 85->24 85->46 85->72 86 Function_6B7914D0 87->54 88 Function_6B72D0C0 88->10 89->7 90 Function_6B73C8C0 91->42 92 Function_6B775FC0 92->11 92->72 93->24 93->47 94 Function_6B78D9C0 94->72 95 Function_6B7347B0 95->15 96 Function_6B7349B0 96->13 97->62 97->82 98 Function_6B7318B0 106 Function_6B7319A0 98->106 99 Function_6B749BB0 99->83 100->83 101->32 101->94 102->72 103->86 104 Function_6B7956B0 104->24 104->41 105 Function_6B7344A0 105->28 106->34 107->90 108->8 109 Function_6B74A990 109->19 109->23 109->31 109->35 109->40 109->51 109->55 109->56 109->57 109->59 109->64 109->67 109->72 109->76 109->79 109->95 109->96 109->105 110 Function_6B74B690 109->110 114 Function_6B734080 109->114 115 Function_6B735080 109->115 110->99 111->118 112->49 112->78 112->112 113 Function_6B73E080 113->70 114->120 115->88 116->98 117->109 118->77 119 Function_6B78C380 119->24 121 Function_6B794280 121->24 122->24 122->63 122->85

                                                                                                                                                                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74D340 Relevance: 12.6, APIs: 6, Strings: 1, Instructions: 304fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,C0000000,00000003,00000000,00000003,00000000,00000000,?,\\.\PhysicalDrive,00000011,5D46D5D7,00000000,00000000), ref: 6B74D4EA
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,\\.\PhysicalDrive,00000011,5D46D5D7,00000000,00000000), ref: 6B74D4FB
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateErrorFileLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1214770103-1035684025
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e73253d178e0934e8487aad25830fad8be252cf1c1ef3b7cf9cf65f43aa2a3db
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a46d51f8b066465c1228479278b18199e9a34a22ff2e625f803f74e878a3e916
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e73253d178e0934e8487aad25830fad8be252cf1c1ef3b7cf9cf65f43aa2a3db
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BDC11470D442589BEB14CFB8CD45BEDBBB0BF05304F10426CF459AB282EB786A85CB95
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74CFD0 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 275fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 990 6b74cfd0-6b74d143 GetVersion call 6b73cc30 call 6b74ad70 call 6b73dcd0 * 3 CreateFileW 1001 6b74d154-6b74d168 call 6b7be1b0 990->1001 1002 6b74d145-6b74d14f GetLastError 990->1002 1007 6b74d172-6b74d1a4 call 6b7a92c0 DeviceIoControl 1001->1007 1008 6b74d16a-6b74d16d 1001->1008 1003 6b74d2fb-6b74d332 call 6b7b9d30 call 6b73dcd0 call 6b7a7589 1002->1003 1016 6b74d1a6-6b74d1ae GetLastError 1007->1016 1017 6b74d1b3-6b74d1b8 1007->1017 1010 6b74d2f2-6b74d2f5 CloseHandle 1008->1010 1010->1003 1016->1010 1018 6b74d2ed 1017->1018 1019 6b74d1be-6b74d1c3 1017->1019 1018->1010 1019->1018 1021 6b74d1c9-6b74d1ce 1019->1021 1022 6b74d1d4 1021->1022 1023 6b74d27e-6b74d285 1021->1023 1024 6b74d1d6-6b74d1db 1022->1024 1025 6b74d1e1-6b74d1eb 1022->1025 1026 6b74d288-6b74d28d 1023->1026 1024->1023 1024->1025 1027 6b74d200-6b74d20f 1025->1027 1028 6b74d1ed-6b74d1f3 1025->1028 1026->1026 1029 6b74d28f 1026->1029 1032 6b74d211-6b74d21a 1027->1032 1033 6b74d23b-6b74d244 call 6b7387b0 1027->1033 1030 6b74d1f5 1028->1030 1031 6b74d1f7-6b74d1fe 1028->1031 1034 6b74d292-6b74d2b8 call 6b73d810 call 6b735ac0 1029->1034 1030->1031 1036 6b74d249-6b74d266 call 6b738370 call 6b74cba0 1031->1036 1037 6b74d21c 1032->1037 1038 6b74d21e-6b74d239 call 6b7a92c0 1032->1038 1033->1036 1048 6b74d2bc-6b74d2eb call 6b7a8d40 call 6b735a00 call 6b738910 1034->1048 1049 6b74d2ba 1034->1049 1052 6b74d268 1036->1052 1053 6b74d26a-6b74d26f 1036->1053 1037->1038 1038->1036 1048->1010 1049->1048 1052->1053 1055 6b74d272-6b74d277 1053->1055 1055->1055 1057 6b74d279-6b74d27c 1055->1057 1057->1034
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersion.KERNEL32(5D46D5D7,00000000,00000000), ref: 6B74D056
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,00000000,00000003,00000000,00000003,00000000,00000000,?,\\.\PhysicalDrive,00000011), ref: 6B74D137
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,\\.\PhysicalDrive,00000011), ref: 6B74D145
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,00000011), ref: 6B74D2F5
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateErrorFileHandleLastVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1515857667-1035684025
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5941f9f74de8202a29567b6fa4a22b10ef32f619ac1266ec156e9e244fc61ef1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 12680319b2c834d28bc7311201ea988059749ad8ccbd1703bffd8fc5cdb8d727
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5941f9f74de8202a29567b6fa4a22b10ef32f619ac1266ec156e9e244fc61ef1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D1A1E270E40218AFDB14CFB8C915B9EB7B1FF45704F10422DF455AB281EBB8AA45CB94
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74D740 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 272fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1061 6b74d740-6b74d8c3 call 6b73cc30 call 6b74ad70 call 6b73dcd0 * 3 CreateFileW 1072 6b74d8c5-6b74d8cd GetLastError 1061->1072 1073 6b74d8d2-6b74d8f0 DeviceIoControl 1061->1073 1074 6b74da7e-6b74dab5 call 6b7b9d30 call 6b73dcd0 call 6b7a7589 1072->1074 1075 6b74d8f2-6b74d8fa GetLastError 1073->1075 1076 6b74d8ff-6b74d913 call 6b7be1b0 1073->1076 1078 6b74da75-6b74da78 CloseHandle 1075->1078 1083 6b74d915-6b74d918 1076->1083 1084 6b74d91d-6b74d953 call 6b7a92c0 DeviceIoControl 1076->1084 1078->1074 1083->1078 1084->1075 1090 6b74d955-6b74d95a 1084->1090 1091 6b74d960-6b74d975 1090->1091 1091->1091 1092 6b74d977-6b74d97d 1091->1092 1093 6b74d996-6b74d9aa 1092->1093 1094 6b74d97f-6b74d985 1092->1094 1097 6b74d9ac-6b74d9b9 1093->1097 1098 6b74d9de-6b74d9e7 call 6b7387b0 1093->1098 1095 6b74d987 1094->1095 1096 6b74d989-6b74d994 1094->1096 1095->1096 1099 6b74d9ec-6b74da07 call 6b738370 call 6b7be1c0 1096->1099 1100 6b74d9bd-6b74d9dc call 6b7a92c0 1097->1100 1101 6b74d9bb 1097->1101 1098->1099 1109 6b74da09 1099->1109 1110 6b74da0b-6b74da0d 1099->1110 1100->1099 1101->1100 1109->1110 1111 6b74da10-6b74da15 1110->1111 1111->1111 1112 6b74da17-6b74da3f call 6b73d810 call 6b735ac0 1111->1112 1117 6b74da41 1112->1117 1118 6b74da43-6b74da73 call 6b7a8d40 call 6b735a00 call 6b738910 1112->1118 1117->1118 1118->1078
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,C0000000,00000003,00000000,00000003,00000000,00000000,?,\\.\PhysicalDrive,00000011,5D46D5D7,00000000,00000000), ref: 6B74D8B7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,\\.\PhysicalDrive,00000011,5D46D5D7,00000000,00000000), ref: 6B74D8C5
                                                                                                                                                                                                                                                                                                                                                                                  • DeviceIoControl.KERNEL32(00000000,00074080,00000000,00000000,?,00000018,?,00000000), ref: 6B74D8E8
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,00000000), ref: 6B74D8F2
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,00000000), ref: 6B74DA78
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CloseControlCreateDeviceFileHandle
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1177325624-1035684025
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0189335304ed627ce7470b411f97239191df59099f4b8cf13f358d6155f6bdb0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a142b3a709c6b0814a03668acaf043d1410d354b592f5bc3c186254834c52e64
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0189335304ed627ce7470b411f97239191df59099f4b8cf13f358d6155f6bdb0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5B10270E54358ABDB10CF78CD09BAEB7B4FF45304F004269F455A7282EB78AA84CB95
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B749230 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetDiskFreeSpaceExW.KERNEL32(00000000,6B821DA8,00000000,?), ref: 6B749272
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: DiskFreeSpace
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1705453755-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5c9d395623643a6874e53c5a56d1cf349f876fa3bf0e433caef45c8ca46f6230
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 39b204925bc4b6abaa7a63b68534002661d7088b15346cdf7d77ffacc17a71fb
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5c9d395623643a6874e53c5a56d1cf349f876fa3bf0e433caef45c8ca46f6230
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 97118071E0421DDFDB00CFA4CA45BEEBBF8FB49755F00412AF911A7284DB39A9008BA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B794210 Relevance: 1.5, APIs: 1, Instructions: 41timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: GetModuleHandleW.KERNEL32(Kernel32.dll), ref: 6B794173
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: GetProcAddress.KERNEL32(00000000,QueryUnbiasedInterruptTime), ref: 6B794183
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6B7941B5
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTimes.KERNEL32(?,?,?), ref: 6B794235
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressHandleModuleProcSystemTimesUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1080919813-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6364a08087992c3f3bb56089729dfcf57d4350a1c6494fd4d68b81722d8e9ccf
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9b394410f9e99b2b0d4910de75af3decee162b6de5ddf3fbd457eb5afc6bcc5e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6364a08087992c3f3bb56089729dfcf57d4350a1c6494fd4d68b81722d8e9ccf
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BF01B3B5D002099F8B14CFA9D4818EEFBF8FB48310B00852EE856A3700DB34A945CFA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7945D0 Relevance: 51.7, APIs: 17, Strings: 12, Instructions: 932COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 0 6b7945d0-6b7946a2 1 6b7946d2-6b79473e call 6b732840 call 6b73dcd0 * 2 0->1 2 6b7946a4-6b7946a9 0->2 7 6b794743-6b79477c WinHttpConnect 1->7 2->1 4 6b7946ab-6b7946b3 2->4 6 6b7946b9-6b7946bf 4->6 4->7 11 6b7946c1 6->11 12 6b7946c3-6b7946d0 call 6b73d370 6->12 9 6b79545a-6b7954f1 GetLastError call 6b73cf70 call 6b73cdc0 call 6b73d2b0 * 2 call 6b731f20 call 6b73d2b0 7->9 10 6b794782-6b7947a4 7->10 52 6b7954f2-6b795503 call 6b79a910 9->52 16 6b7947b3-6b7947c7 10->16 17 6b7947a6-6b7947ad WinHttpCloseHandle 10->17 11->12 12->7 21 6b7947c9-6b7947d6 WinHttpCloseHandle 16->21 22 6b7947dc-6b7947f9 call 6b795c80 16->22 17->16 21->22 26 6b7947fe-6b794840 call 6b795d30 22->26 31 6b794842-6b794859 26->31 32 6b794865-6b7948b3 call 6b732840 * 2 26->32 44 6b79550f-6b79552c call 6b774ba0 call 6b7a9c5e 31->44 45 6b79485f 31->45 46 6b7948cd-6b794904 call 6b73d240 32->46 47 6b7948b5-6b7948c7 call 6b73d240 32->47 64 6b795531-6b795536 call 6b7a4d9a 44->64 45->32 58 6b794908-6b79490c 46->58 59 6b794906 46->59 47->46 61 6b795509-6b79550a call 6b7a9c5e 52->61 62 6b79492d 58->62 63 6b79490e-6b794914 58->63 59->58 61->44 67 6b794932-6b794971 WinHttpOpenRequest 62->67 63->62 66 6b794916-6b79491a 63->66 66->62 69 6b79491c-6b79492b 66->69 70 6b7949d9-6b794a5e call 6b795fa0 call 6b796050 67->70 71 6b794973-6b7949d4 GetLastError call 6b798a00 call 6b74abf0 call 6b73d2b0 67->71 69->67 81 6b794a9a-6b794aa4 70->81 82 6b794a60-6b794a77 70->82 71->52 85 6b794ad0-6b794aee call 6b7978f0 81->85 86 6b794aa6-6b794aa8 81->86 82->81 98 6b794a79-6b794a95 call 6b774ba0 82->98 93 6b794af0-6b794af6 85->93 94 6b794b46-6b794b50 85->94 86->85 87 6b794aaa-6b794aae 86->87 87->85 90 6b794ab0-6b794acb call 6b797ac0 87->90 90->85 96 6b794af8-6b794afb 93->96 97 6b794b1f 93->97 99 6b794b5a-6b794b7e call 6b797ac0 94->99 101 6b794afd-6b794b0c 96->101 102 6b794b0e-6b794b1d call 6b790d00 96->102 104 6b794b24-6b794b44 97->104 98->61 108 6b794c1d-6b794c48 call 6b73dcd0 call 6b798190 99->108 109 6b794b84-6b794b9e call 6b73dc10 99->109 101->104 102->104 104->99 121 6b794c4e-6b794c74 call 6b76e020 108->121 122 6b794ce6-6b794d38 call 6b798410 108->122 116 6b794ba0-6b794bb9 call 6b73dc10 109->116 117 6b794c12-6b794c18 call 6b73dcd0 109->117 126 6b794bbb-6b794bbe 116->126 127 6b794bca 116->127 117->108 134 6b794cdb-6b794ce1 call 6b73b5e0 121->134 135 6b794c76-6b794cbb call 6b732840 WinHttpAddRequestHeaders 121->135 132 6b794d3e-6b794d6d call 6b7d5a69 122->132 133 6b794ec4-6b794ecc 122->133 126->127 130 6b794bc0-6b794bc8 126->130 131 6b794bcf-6b794c0d call 6b797c50 call 6b73dcd0 127->131 130->127 130->131 131->117 147 6b794d6f-6b794d92 132->147 148 6b794dc0-6b794df5 _strftime call 6b73cdc0 132->148 139 6b794ece-6b794ed0 133->139 140 6b794ed2-6b794edf 133->140 134->122 151 6b794cc1-6b794cd9 call 6b73dcd0 135->151 152 6b794d94-6b794dbb GetLastError call 6b73cdc0 135->152 144 6b794ee6-6b794f03 WinHttpSendRequest 139->144 140->144 149 6b794f09-6b794f16 144->149 150 6b795417-6b795455 GetLastError call 6b73cdc0 call 6b79a910 144->150 153 6b794dfb-6b794e6a call 6b731d30 call 6b73d2b0 call 6b731f20 call 6b73d2b0 147->153 148->153 155 6b794f18 149->155 156 6b794f1a-6b794f1d 149->156 150->61 151->134 151->135 152->52 208 6b794e6c 153->208 209 6b794e6e-6b794ebd call 6b73d240 call 6b73dcd0 * 5 153->209 155->156 161 6b795031-6b795057 call 6b7962a0 WinHttpReceiveResponse 156->161 162 6b794f23-6b794f29 156->162 175 6b79505d-6b79505f 161->175 176 6b7953d4-6b795412 GetLastError call 6b73cdc0 call 6b79a910 161->176 162->161 169 6b794f2f-6b794f33 162->169 169->161 174 6b794f39-6b794f49 169->174 174->161 178 6b794f4f-6b794f7c WinHttpQueryOption 174->178 181 6b7950bf-6b7950f9 WinHttpQueryHeaders 175->181 182 6b795061-6b795077 call 6b798020 175->182 176->61 179 6b794f82-6b794f8a 178->179 180 6b795015-6b79502c call 6b76eb60 178->180 179->180 185 6b794f90-6b794fbb 179->185 180->61 189 6b7950fb-6b795109 GetLastError 181->189 190 6b795142-6b795200 call 6b797ef0 call 6b753150 call 6b73db70 call 6b73dcd0 181->190 200 6b795079-6b7950a7 call 6b73dcd0 182->200 201 6b7950b0-6b7950ba call 6b73dcd0 182->201 185->64 192 6b794fc1-6b794fee 185->192 189->190 197 6b79510b-6b79513d call 6b73cdc0 call 6b79a910 189->197 230 6b79521a-6b795247 call 6b796500 call 6b73dcd0 190->230 231 6b795202-6b795217 call 6b7985f0 190->231 220 6b79500d-6b795013 192->220 221 6b794ff0-6b795007 call 6b796720 192->221 197->61 200->201 201->181 208->209 209->133 220->161 220->180 221->220 243 6b795249-6b795250 230->243 244 6b79528a-6b795298 230->244 231->230 243->244 246 6b795252-6b795273 243->246 248 6b7952db-6b7952e3 244->248 249 6b79529a-6b7952a1 244->249 246->244 260 6b795275-6b795282 246->260 250 6b7952f2-6b795310 call 6b73dcd0 * 2 248->250 251 6b7952e5-6b7952ec WinHttpCloseHandle 248->251 249->248 252 6b7952a3-6b7952c4 249->252 263 6b795353-6b795361 250->263 264 6b795312-6b795319 250->264 251->250 252->248 262 6b7952c6-6b7952d3 252->262 260->244 262->248 265 6b7953a3-6b7953d1 call 6b73dcd0 call 6b7a7589 263->265 266 6b795363-6b79536a 263->266 264->263 268 6b79531b-6b79533c 264->268 266->265 271 6b79536c-6b79538c 266->271 268->263 278 6b79533e-6b79534b 268->278 271->265 280 6b79538e-6b79539b 271->280 278->263 280->265
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpConnect.WINHTTP(?,00000000,?,00000000,?), ref: 6B794774
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(00000000), ref: 6B7947A7
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?), ref: 6B7947D0
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpOpenRequest.WINHTTP(?,?,?,00000000,00000000,00000000,00000040,?,?), ref: 6B794969
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B794973
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpAddRequestHeaders.WINHTTP(?,?,?,40000000,0000000C), ref: 6B794CB3
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B794D94
                                                                                                                                                                                                                                                                                                                                                                                  • _strftime.LIBCMT ref: 6B794DCF
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSendRequest.WINHTTP(?,00000000,00000000,00000000,00000000,?,00000000,00000026,00000001,0000000C), ref: 6B794EFB
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpQueryOption.WINHTTP(?,0000004E,00000000,?), ref: 6B794F74
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpReceiveResponse.WINHTTP(?,00000000), ref: 6B79504F
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpQueryHeaders.WINHTTP(?,20000013,00000000,00000000,00000004,00000000), ref: 6B7950F1
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B7950FB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B798020: WSAAddressToStringW.WS2_32(?,00000080,00000000,00000000,?), ref: 6B7980F9
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?,?,?,?,?,00000000), ref: 6B7952EC
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B7953D4
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B795417
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Http$ErrorLast$CloseHandleRequest$HeadersQuery$AddressConnectOpenOptionReceiveResponseSendString_strftime
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: failed.$%a, %d %b %Y %H:%M:%S GMT$) failed.$If-Unmodified-Since$WinHttpAddRequestHeaders failed.$WinHttpConnect to $WinHttpOpenRequest($WinHttpQueryHeaders failed.$WinHttpReceiveResponse failed.$WinHttpSendRequest failed.$http$http
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3688841585-269308085
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 652b182930e1a6e54b9e2e5e7fe23c047609a26ef51ba71af11d09b19b1176e1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ff7803797f205ee6357daafe84cb870cd5a9e7f1f54ce45f9eca7a3516d6f46e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 652b182930e1a6e54b9e2e5e7fe23c047609a26ef51ba71af11d09b19b1176e1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 05925C70D002698FDB24DB24EE58BDDB7B4AF15304F1081E9E519A7241EB78AF84CF91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74E050 Relevance: 39.0, APIs: 13, Strings: 9, Instructions: 534libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 283 6b74e050-6b74e0c7 GetVersion 284 6b74e0d1-6b74e0d9 283->284 285 6b74e0c9-6b74e0cc 283->285 287 6b74e1b0-6b74e1e8 GetModuleHandleW GetProcAddress 284->287 288 6b74e0df-6b74e0fa GetModuleHandleW GetProcAddress 284->288 286 6b74e712-6b74e74b call 6b7b9d30 * 3 call 6b7a7589 285->286 289 6b74e3d1-6b74e3d8 287->289 290 6b74e1ee-6b74e22e 287->290 291 6b74e100-6b74e11a GetSystemFirmwareTable 288->291 292 6b74e70d 288->292 294 6b74e40e-6b74e413 289->294 290->289 311 6b74e234-6b74e252 MapViewOfFile 290->311 291->292 303 6b74e120-6b74e13e call 6b7be1b0 291->303 292->286 296 6b74e415-6b74e416 CloseHandle 294->296 297 6b74e41c-6b74e41e 294->297 296->297 301 6b74e424-6b74e427 297->301 302 6b74e6fd-6b74e702 297->302 306 6b74e42a-6b74e440 call 6b74df70 301->306 302->286 305 6b74e704-6b74e70b UnmapViewOfFile 302->305 316 6b74e140-6b74e143 303->316 317 6b74e148-6b74e175 call 6b7a92c0 GetSystemFirmwareTable 303->317 305->286 319 6b74e442-6b74e45a call 6b74de90 306->319 320 6b74e46f-6b74e486 call 6b74df70 306->320 311->289 315 6b74e258 311->315 321 6b74e25a-6b74e266 315->321 316->286 317->292 346 6b74e17b-6b74e18c 317->346 336 6b74e464-6b74e468 319->336 337 6b74e45c 319->337 334 6b74e4ad-6b74e4c4 call 6b74df70 320->334 335 6b74e488-6b74e4aa call 6b74de90 * 2 320->335 326 6b74e275 321->326 327 6b74e268-6b74e26e 321->327 332 6b74e27b-6b74e280 326->332 333 6b74e3cc 326->333 331 6b74e270-6b74e273 327->331 327->332 331->321 332->333 339 6b74e286-6b74e288 332->339 333->289 354 6b74e4c6-6b74e4e8 call 6b74de90 * 2 334->354 355 6b74e4eb-6b74e502 call 6b74df70 334->355 335->334 344 6b74e46c 336->344 337->344 345 6b74e45e-6b74e462 337->345 340 6b74e292-6b74e29e 339->340 341 6b74e28a-6b74e28c 339->341 340->333 349 6b74e2a4-6b74e2ae 340->349 341->333 341->340 344->320 345->336 345->344 347 6b74e18e-6b74e193 346->347 348 6b74e198-6b74e1ab 346->348 347->286 348->306 349->333 352 6b74e2b4-6b74e2bc 349->352 352->333 357 6b74e2c2-6b74e2ca 352->357 354->355 363 6b74e504-6b74e51d 355->363 364 6b74e54f-6b74e557 355->364 357->333 361 6b74e2d0-6b74e2e4 357->361 361->333 365 6b74e2ea-6b74e329 UnmapViewOfFile MapViewOfFile 361->365 367 6b74e527-6b74e549 call 6b74de90 * 2 363->367 368 6b74e51f 363->368 370 6b74e560-6b74e5a6 call 6b74df70 364->370 365->333 369 6b74e32f-6b74e353 call 6b7be1b0 365->369 373 6b74e54c 367->373 372 6b74e521-6b74e525 368->372 368->373 383 6b74e355-6b74e367 369->383 384 6b74e36c-6b74e3ca call 6b7a92c0 call 6b7a8d40 UnmapViewOfFile 369->384 380 6b74e647-6b74e651 call 6b73db70 370->380 381 6b74e5ac-6b74e5b0 370->381 372->367 372->373 373->364 393 6b74e656-6b74e65b 380->393 385 6b74e5b2 381->385 386 6b74e5ba-6b74e5d0 call 6b74de90 381->386 383->294 384->294 390 6b74e5b4-6b74e5b8 385->390 391 6b74e62c-6b74e63f call 6b73db70 385->391 401 6b74e5e1-6b74e5f4 call 6b74de90 386->401 402 6b74e5d2-6b74e5dc call 6b73a420 386->402 390->386 390->391 391->370 407 6b74e645 391->407 397 6b74e65d 393->397 398 6b74e66a-6b74e681 call 6b74df70 393->398 403 6b74e663-6b74e668 397->403 404 6b74e6fa 397->404 414 6b74e683-6b74e695 call 6b74de90 398->414 415 6b74e698-6b74e69d 398->415 419 6b74e605-6b74e618 call 6b74de90 401->419 420 6b74e5f6-6b74e600 call 6b73a420 401->420 402->401 403->398 410 6b74e6a4-6b74e6a6 403->410 404->302 407->393 410->404 412 6b74e6a8-6b74e6bf call 6b74df70 410->412 412->404 426 6b74e6c1-6b74e6f7 call 6b74de90 * 3 412->426 414->415 415->412 417 6b74e69f 415->417 417->404 422 6b74e6a1 417->422 428 6b74e629 419->428 429 6b74e61a-6b74e624 call 6b73a420 419->429 420->419 422->410 426->404 428->391 429->428
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersion.KERNEL32(5D46D5D7,?,?), ref: 6B74E0B5
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(kernel32.dll,GetSystemFirmwareTable), ref: 6B74E0E9
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 6B74E0F0
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemFirmwareTable.KERNEL32 ref: 6B74E113
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressFirmwareHandleModuleProcSystemTableVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ,$@$GetSystemFirmwareTable$NtOpenSection$\Device\PhysicalMemory$_DMI$_SM_$kernel32.dll$ntdll.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3310200822-87932310
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 88fde190d81ca24a61a5743ec98a9f0d3f73630ad8172e7f253119f1e8e30d7e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 560a73cd9dc7c79a20eee70f1e64d7df722c182d23a70959c9f8b1f0569e0968
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 88fde190d81ca24a61a5743ec98a9f0d3f73630ad8172e7f253119f1e8e30d7e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0F2220B1E1025D9FDB14CFA4CA05BEEBBB5BF05324F040169F995A7381E738A906CB85
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78E2C0 Relevance: 24.8, APIs: 8, Strings: 6, Instructions: 263COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 598 6b78e2c0-6b78e315 SHGetFolderPathW 599 6b78e67b-6b78e6a5 call 6b73cdc0 call 6b7a7589 598->599 600 6b78e31b-6b78e325 598->600 602 6b78e358-6b78e35b 600->602 603 6b78e327-6b78e33b GetWindowsDirectoryW 600->603 605 6b78e378-6b78e37b 602->605 606 6b78e35d-6b78e371 GetSystemDirectoryW 602->606 607 6b78e6c1-6b78e6c3 GetLastError 603->607 608 6b78e341-6b78e346 603->608 612 6b78e3b9-6b78e3bc 605->612 613 6b78e37d-6b78e3b4 call 6b78e6f0 call 6b7be708 605->613 606->608 611 6b78e373 606->611 614 6b78e6c9 607->614 608->599 609 6b78e34c-6b78e353 608->609 615 6b78e6ca-6b78e6da call 6b78e820 609->615 611->607 618 6b78e429-6b78e42c 612->618 619 6b78e3be-6b78e40a call 6b78f920 612->619 641 6b78e673-6b78e676 call 6b73dcd0 613->641 614->615 635 6b78e6e0-6b78e6e6 call 6b7a9c5e 615->635 620 6b78e432-6b78e482 call 6b78f920 618->620 621 6b78e555-6b78e558 618->621 619->607 636 6b78e410-6b78e424 619->636 638 6b78e488-6b78e494 620->638 639 6b78e63c-6b78e642 620->639 625 6b78e55e-6b78e5ae call 6b78f920 621->625 626 6b78e6a6-6b78e6bf call 6b78e820 621->626 625->639 644 6b78e5b4-6b78e5c0 625->644 626->635 643 6b78e654-6b78e66d call 6b7be708 636->643 645 6b78e4bf-6b78e4cf call 6b739310 638->645 646 6b78e496-6b78e4bd 638->646 647 6b78e648-6b78e651 639->647 641->599 643->641 651 6b78e5eb-6b78e5fb call 6b739310 644->651 652 6b78e5c2-6b78e5e9 644->652 653 6b78e4d4-6b78e4fc ExpandEnvironmentStringsW 645->653 646->653 647->643 656 6b78e600-6b78e628 ExpandEnvironmentStringsW 651->656 652->656 658 6b78e4fe-6b78e506 GetLastError 653->658 659 6b78e513-6b78e519 653->659 656->659 660 6b78e62e-6b78e636 GetLastError 656->660 658->639 661 6b78e50c-6b78e50e 658->661 662 6b78e51b-6b78e522 659->662 663 6b78e527-6b78e543 659->663 660->639 664 6b78e54e-6b78e550 660->664 661->614 662->614 663->647 665 6b78e549 663->665 664->614 665->664
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SHGetFolderPathW.SHELL32(00000000,?,00000000,00000000,?,5D46D5D7), ref: 6B78E30B
                                                                                                                                                                                                                                                                                                                                                                                  • GetWindowsDirectoryW.KERNEL32(?,00000104,?,00000000,00000000,?,5D46D5D7), ref: 6B78E333
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemDirectoryW.KERNEL32(?,00000104), ref: 6B78E369
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,5D46D5D7), ref: 6B78E6C3
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Directory$ErrorFolderLastPathSystemWindows
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %APPDATA%$%LOCALAPPDATA%$AppData$Common AppData$Local AppData$SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 824261959-2182189768
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2a57126a997e7c6bff48f9dac559b15d077e5b9463dabf7615dae3317f540ef6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cfd6ccce7be1fdcf22288bc0379b4912790d6da9634e743802b49013cffff40f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a57126a997e7c6bff48f9dac559b15d077e5b9463dabf7615dae3317f540ef6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C3A12B70A6421CABDB24CB64CD9CBDE77B8AB04304F1005F9F51AE6291E7789B85CF60
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74A280 Relevance: 21.4, APIs: 4, Strings: 8, Instructions: 394libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 666 6b74a280-6b74a2f2 call 6b7a5ca5 669 6b74a2f8-6b74a3a1 GetModuleHandleW GetProcAddress call 6b73d370 call 6b746930 666->669 670 6b74a87a-6b74a880 call 6b7a5d42 666->670 679 6b74a3b7-6b74a3bd 669->679 680 6b74a3a3-6b74a3b5 call 6b735810 669->680 681 6b74a3bf-6b74a3d6 call 6b73dcd0 679->681 680->679 680->681 686 6b74a4f7-6b74a53d 681->686 687 6b74a3dc-6b74a494 call 6b73d370 call 6b74abf0 call 6b73dcd0 call 6b74a990 call 6b74abf0 681->687 689 6b74a540-6b74a549 686->689 717 6b74a496 687->717 718 6b74a498-6b74a4f2 call 6b73d240 call 6b73dc10 call 6b73dcd0 * 3 __Mtx_unlock 687->718 689->689 691 6b74a54b-6b74a567 call 6b73d370 689->691 697 6b74a58d-6b74a5ad call 6b74bd50 691->697 698 6b74a569-6b74a58b call 6b73d240 691->698 706 6b74a5b1-6b74a5c5 call 6b73d240 call 6b73dcd0 697->706 707 6b74a5af 697->707 705 6b74a5ca-6b74a5fe call 6b73cc30 call 6b74abf0 698->705 722 6b74a600 705->722 723 6b74a602-6b74a636 call 6b73d240 call 6b73dcd0 * 2 705->723 706->705 707->706 717->718 745 6b74a85a-6b74a877 call 6b7a7589 718->745 722->723 736 6b74a7fc-6b74a858 call 6b73dcd0 __Mtx_unlock 723->736 737 6b74a63c 723->737 736->745 740 6b74a640-6b74a647 737->740 743 6b74a658-6b74a65f call 6b74a990 740->743 744 6b74a649-6b74a653 call 6b73d240 740->744 750 6b74a664-6b74a68f 743->750 744->743 751 6b74a6a1-6b74a6a3 750->751 752 6b74a691-6b74a69c call 6b73cbd0 750->752 753 6b74a6a5-6b74a6b6 751->753 754 6b74a6ec 751->754 752->754 760 6b74a69e 752->760 757 6b74a6b8 753->757 758 6b74a6ba-6b74a6ea call 6b73d240 * 3 753->758 759 6b74a6f3-6b74a706 call 6b73dcd0 754->759 757->758 758->759 765 6b74a725-6b74a72d 759->765 766 6b74a708-6b74a70f 759->766 760->751 770 6b74a73c-6b74a744 765->770 771 6b74a72f 765->771 768 6b74a721-6b74a723 766->768 769 6b74a711-6b74a714 766->769 768->770 769->768 773 6b74a716-6b74a71f 769->773 770->740 775 6b74a74a-6b74a751 770->775 774 6b74a730-6b74a73a 771->774 773->768 773->769 774->770 774->774 775->736 777 6b74a757-6b74a7f7 call 6b73d370 call 6b73dcd0 * 2 775->777 777->736
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(ntdll.dll,RtlGetVersion,6B812CC4), ref: 6B74A309
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 6B74A310
                                                                                                                                                                                                                                                                                                                                                                                  • __Mtx_unlock.LIBCPMT ref: 6B74A4E7
                                                                                                                                                                                                                                                                                                                                                                                  • __Mtx_unlock.LIBCPMT ref: 6B74A853
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Mtx_unlock$AddressHandleModuleProc
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: RtlGetVersion$http://$https://$ipm-provider-preview.ff.avast.com/?$ipmnag$ipmnag=$ntdll.dll$p_elm=
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2209275548-3026089952
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5b300bbc763645b2015cfb965b2e4bfc6d2642e3e823cca490701392098aebc5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e93941c80fed19b82d046f69c6540896f484e39d7db63f7232ddf8d97e963d44
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5b300bbc763645b2015cfb965b2e4bfc6d2642e3e823cca490701392098aebc5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A8023E70D00268DFDF11CFA4CA59BDEBBB4AF15308F4441A8E445A7291DB78AB89CF91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B72E4E0 Relevance: 21.2, APIs: 1, Strings: 11, Instructions: 208COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Mtx_unlock
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 0$1$3$6$7$8$E$E106$F$F378$Request to IPM: %ls
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1418687624-3152111119
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 864885589993d64c6595ae1558e66c943f90b6372f31099b3af1d3f27a174070
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 03217fb020487878db4f105b1d41c4d657241944d6b6b7c37fe93f94e1a7a9f5
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 864885589993d64c6595ae1558e66c943f90b6372f31099b3af1d3f27a174070
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 57A13DB1D04358DFDB11CF68C9457CDBBB4BF15304F5081AAD449AB281EB799A48CFA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74DAC0 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 296fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,C0000000,00000003,00000000,00000003,00000000,00000000,?,\\.\Scsi,00000008,5D46D5D7,00000000,00000000), ref: 6B74DBF5
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,\\.\Scsi,00000008,5D46D5D7,00000000,00000000), ref: 6B74DC03
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,00000000), ref: 6B74DE47
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateErrorFileHandleLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SCSIDISK$\\.\Scsi
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2528220319-2866181625
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 628fb14b517f152589a336512d59195a0850150d008c1c419ab499cdb25da013
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c55d71b37a54e961df6d36fcf46c47f574cd696b967a16e2098b693c7c509876
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 628fb14b517f152589a336512d59195a0850150d008c1c419ab499cdb25da013
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 52C1DE70D40748AFDB10CFA8C949BAEBBB4BF45308F104629E455AB381E7B8A945CF91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78F420 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 195registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1125 6b78f420-6b78f46d 1126 6b78f47e-6b78f4ba call 6b78fff0 1125->1126 1127 6b78f46f-6b78f479 SetLastError 1125->1127 1132 6b78f4f9-6b78f4ff 1126->1132 1133 6b78f4bc-6b78f4c0 1126->1133 1128 6b78f687-6b78f6a2 call 6b7a7589 1127->1128 1136 6b78f505-6b78f531 RegQueryValueExW 1132->1136 1133->1132 1135 6b78f4c2-6b78f4e1 RegOpenKeyExW 1133->1135 1137 6b78f4f1-6b78f4f7 1135->1137 1138 6b78f4e3-6b78f4ec SetLastError 1135->1138 1139 6b78f533-6b78f556 1136->1139 1140 6b78f586-6b78f58c 1136->1140 1137->1136 1141 6b78f65e-6b78f66c 1138->1141 1142 6b78f568-6b78f581 call 6b7a8d40 1139->1142 1143 6b78f558-6b78f562 call 6b790450 1139->1143 1144 6b78f64d 1140->1144 1145 6b78f592-6b78f5a3 1140->1145 1147 6b78f66e-6b78f680 call 6b790030 1141->1147 1148 6b78f685 1141->1148 1146 6b78f64f 1142->1146 1143->1142 1144->1146 1151 6b78f5ad 1145->1151 1152 6b78f5a5-6b78f5ab 1145->1152 1155 6b78f652-6b78f65b SetLastError 1146->1155 1147->1148 1148->1128 1153 6b78f5d7-6b78f602 RegQueryValueExW 1151->1153 1154 6b78f5af-6b78f5b6 1151->1154 1152->1153 1153->1145 1161 6b78f604-6b78f606 1153->1161 1159 6b78f5b8-6b78f5c1 call 6b76bf70 1154->1159 1160 6b78f5c3-6b78f5d4 call 6b7a92c0 1154->1160 1155->1141 1159->1153 1160->1153 1161->1155 1164 6b78f608-6b78f617 1161->1164 1167 6b78f619-6b78f61c 1164->1167 1168 6b78f61e 1164->1168 1167->1146 1168->1155 1169 6b78f620-6b78f627 1168->1169 1170 6b78f629-6b78f632 call 6b76bf70 1169->1170 1171 6b78f634-6b78f64b call 6b7a92c0 1169->1171 1170->1155 1171->1155
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000057,5D46D5D7,00000000,5D46D5D7,00000000), ref: 6B78F471
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(?,SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000000,00000000,5D46D5D7,00000000,5D46D5D7,00000000), ref: 6B78F4D9
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000), ref: 6B78F4E4
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders, xrefs: 6B78F4D2
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1333505713-1187197689
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 66f1675260ed398ce74ed08f83d5fad068f4f9c0058a5b56379f3e05cb71b016
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 28768ea66c4ae14eafbff729ad212090add7b7b1df52d03510055d35e5170152
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 66f1675260ed398ce74ed08f83d5fad068f4f9c0058a5b56379f3e05cb71b016
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C6715E71A41219AFDB14DF64DA98B9DB7B4FF09304F1046B9F519AB240EB38AA44CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74CD00 Relevance: 12.2, APIs: 8, Instructions: 229COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1176 6b74cd00-6b74cdcb call 6b739310 GetSystemDirectoryW 1179 6b74cdcd-6b74cdd5 GetLastError 1176->1179 1180 6b74cdda-6b74cddf 1176->1180 1181 6b74cf81-6b74cfc5 call 6b73dcd0 * 3 call 6b7a7589 1179->1181 1182 6b74cdf7-6b74cdff call 6b739310 1180->1182 1183 6b74cde1-6b74cdf5 1180->1183 1185 6b74ce04-6b74ce0b 1182->1185 1183->1185 1188 6b74ce26-6b74ce30 call 6b739310 1185->1188 1189 6b74ce0d-6b74ce24 1185->1189 1191 6b74ce35-6b74ce58 GetVolumePathNameW 1188->1191 1189->1191 1191->1179 1194 6b74ce5e-6b74ce6e 1191->1194 1196 6b74ce70-6b74ce79 1194->1196 1196->1196 1198 6b74ce7b-6b74ce91 call 6b73d370 1196->1198 1203 6b74ce93-6b74ceaa 1198->1203 1204 6b74ceac-6b74ceb4 call 6b739310 1198->1204 1205 6b74ceb9-6b74cedc GetVolumeNameForVolumeMountPointW 1203->1205 1204->1205 1205->1179 1207 6b74cee2-6b74ceef 1205->1207 1208 6b74cef2-6b74cefb 1207->1208 1208->1208 1209 6b74cefd-6b74cf42 call 6b73d370 CreateFileW 1208->1209 1209->1179 1212 6b74cf48-6b74cf66 DeviceIoControl 1209->1212 1213 6b74cf72-6b74cf78 1212->1213 1214 6b74cf68-6b74cf70 GetLastError 1212->1214 1215 6b74cf7a-6b74cf7b CloseHandle 1213->1215 1214->1215 1215->1181
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemDirectoryW.KERNEL32(00000000,00000000), ref: 6B74CDC1
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B74CDCD
                                                                                                                                                                                                                                                                                                                                                                                  • GetVolumePathNameW.KERNEL32(00000000,?,?,00000104,00000000,00000000,00000000), ref: 6B74CE50
                                                                                                                                                                                                                                                                                                                                                                                  • GetVolumeNameForVolumeMountPointW.KERNEL32(?,6B7DD0CD,?,00000104,00000000,?,?), ref: 6B74CED4
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Volume$Name$DirectoryErrorLastMountPathPointSystem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 623255257-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: aad72cafa9824bdb68d25e1073c208a89ebdd318d790db097c762b6e16683f87
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 449171229fb9e57c3c5f37af60ed26d0a1abd4e2423222ad922b2842136de1f5
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aad72cafa9824bdb68d25e1073c208a89ebdd318d790db097c762b6e16683f87
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB911671E00218DFCF04CFA8C994BEEBBB4EF58715F144129E516B7280E734AA4ACB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B75CE00 Relevance: 10.8, APIs: 4, Strings: 3, Instructions: 257COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1216 6b75ce00-6b75ce46 1217 6b75ce50-6b75ce89 call 6b78f920 1216->1217 1220 6b75ce8f-6b75cea7 call 6b73dcd0 1217->1220 1221 6b75d138-6b75d176 call 6b73dcd0 1217->1221 1220->1217 1226 6b75cea9-6b75cec3 1220->1226 1227 6b75d178-6b75d193 call 6b7a7589 1221->1227 1228 6b75cec6-6b75cecc 1226->1228 1230 6b75d126-6b75d136 call 6b75d5b0 1228->1230 1231 6b75ced2-6b75cf30 call 6b78f420 1228->1231 1230->1227 1237 6b75cf47 GetLastError 1231->1237 1238 6b75cf32-6b75cf45 call 6b78f6b0 1231->1238 1240 6b75cf4d-6b75cf65 call 6b753200 SetLastError 1237->1240 1238->1240 1244 6b75cffb-6b75d045 call 6b78f420 1240->1244 1245 6b75cf6b-6b75cf9a call 6b7be6d4 call 6b7be5eb 1240->1245 1249 6b75d04a-6b75d04f 1244->1249 1257 6b75d194-6b75d199 call 6b7a4db7 1245->1257 1258 6b75cfa0-6b75cfa6 1245->1258 1251 6b75d066 GetLastError 1249->1251 1252 6b75d051-6b75d064 call 6b78f6b0 1249->1252 1255 6b75d06c-6b75d084 call 6b753200 SetLastError 1251->1255 1252->1255 1266 6b75d10c-6b75d121 call 6b73dcd0 1255->1266 1267 6b75d08a-6b75d0b9 call 6b7be6d4 call 6b7be5eb 1255->1267 1262 6b75d19e-6b75d1a3 call 6b7a4df7 1257->1262 1261 6b75cfac-6b75cfd4 1258->1261 1258->1262 1270 6b75cfd6 1261->1270 1271 6b75cfe8 1261->1271 1268 6b75d1a8-6b75d1ad call 6b7a4db7 1262->1268 1266->1228 1267->1268 1285 6b75d0bf-6b75d0c5 1267->1285 1279 6b75d1b2-6b75d1bf call 6b7a4df7 1268->1279 1275 6b75cfdf-6b75cfe6 1270->1275 1276 6b75cfd8-6b75cfdd 1270->1276 1278 6b75cfeb 1271->1278 1280 6b75cfee-6b75cff4 1275->1280 1276->1275 1276->1278 1278->1280 1280->1244 1285->1279 1286 6b75d0cb-6b75d0ec 1285->1286 1288 6b75d100 1286->1288 1289 6b75d0ee 1286->1289 1290 6b75d103 1288->1290 1291 6b75d0f7-6b75d0fe 1289->1291 1292 6b75d0f0-6b75d0f5 1289->1292 1293 6b75d106-6b75d109 1290->1293 1291->1293 1292->1290 1292->1291 1293->1266
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78F920: SetLastError.KERNEL32(00000000), ref: 6B78F9BC
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,5D46D5D7), ref: 6B75CF47
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(?,?,?,?,?,5D46D5D7), ref: 6B75CF5B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: installTimestamp$invalid stoll argument$stoll argument out of range
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1452528299-933472524
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4fa82b7292b83971fb82cec09d5d03f6f21f712bbdb88ebba8e5774f4c394ce3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0b2db0f270eeccb9410e7ba46d17ae52c32293efebb24181e4e1b8c945c79074
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4fa82b7292b83971fb82cec09d5d03f6f21f712bbdb88ebba8e5774f4c394ce3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F5B14472C00219DBDF04CFA8DA49BDDBBB4FF55308F10426AE415BB280EB786A45CB95
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78EE80 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 158registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1294 6b78ee80-6b78eebe 1295 6b78eecf-6b78ef01 1294->1295 1296 6b78eec0-6b78eeca SetLastError 1294->1296 1298 6b78ef32 1295->1298 1299 6b78ef03-6b78ef07 1295->1299 1297 6b78f0c6-6b78f0e0 call 6b7a7589 1296->1297 1302 6b78ef38-6b78ef3f 1298->1302 1299->1298 1301 6b78ef09-6b78ef1d RegOpenKeyExW 1299->1301 1301->1302 1304 6b78ef1f-6b78ef2d SetLastError 1301->1304 1305 6b78ef59-6b78ef5e 1302->1305 1306 6b78ef41 1302->1306 1308 6b78f099-6b78f0a7 1304->1308 1307 6b78ef60-6b78ef9e RegEnumKeyExW 1305->1307 1309 6b78ef43-6b78ef4f call 6b73dcd0 1306->1309 1310 6b78efa4-6b78efc3 1307->1310 1311 6b78f087 1307->1311 1312 6b78f0a9-6b78f0bb call 6b790030 1308->1312 1313 6b78f0c0 1308->1313 1323 6b78ef51-6b78ef57 1309->1323 1316 6b78efd2-6b78efd4 1310->1316 1317 6b78efc5-6b78efc9 1310->1317 1315 6b78f089-6b78f092 SetLastError 1311->1315 1312->1313 1313->1297 1315->1308 1321 6b78f078-6b78f07a 1316->1321 1322 6b78efda-6b78f01e call 6b73d370 1316->1322 1317->1316 1320 6b78efcb-6b78efd0 1317->1320 1320->1316 1320->1317 1321->1315 1325 6b78f07c-6b78f082 1321->1325 1327 6b78f05a-6b78f064 call 6b755c10 1322->1327 1328 6b78f020-6b78f058 1322->1328 1323->1305 1325->1307 1329 6b78f069-6b78f073 call 6b73dcd0 1327->1329 1328->1329 1329->1321
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000057,5D46D5D7,00000000,?), ref: 6B78EEC2
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall,00000000,?,00000000,5D46D5D7,00000000,?), ref: 6B78EF15
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000), ref: 6B78EF20
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall, xrefs: 6B78EF13
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1333505713-1023437679
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f96e4dc4f1969150fe43b49c1a6582ac26d8facc5ebe87f28b49c11184079d10
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3f03c5f092f3b99b91cf06a967b8462c09585a337c2d829b0de8e65826e8e107
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f96e4dc4f1969150fe43b49c1a6582ac26d8facc5ebe87f28b49c11184079d10
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B5617B71D152299FDB24CF64C958BEDB7B4FF08300F1041EAE819AB280E7786A84CF90
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B794280 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 240COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpOpen.WINHTTP(?,00000001,00000000,00000000,00000000,5D46D5D7), ref: 6B794325
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B7943EE
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A9C5E: KiUserExceptionDispatcher.NTDLL(E06D7363,00000001,00000003,5D46D5D7,6B820BF8,?,lifetime_object must be allocated on static memory (static or global variable or member of such a variable).,5D46D5D7,00000000,00000000), ref: 6B7A9CBE
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?,00000000,?,?,?,6B810850,?,00000000,WinHttpOpen failed.), ref: 6B794442
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?,00000000,?,?,?,6B810850,?,00000000,WinHttpOpen failed.), ref: 6B794518
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Http$CloseHandle$DispatcherErrorExceptionLastOpenUser
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: WinHttpOpen failed.
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 626939618-3229918117
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: dfd2ec3c85fd5751630b07c88d8e305392574cb7b16ade2599fefd9d9cfda41e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1540c46696de5ceef251ef81ec1a9220c4806c0e49eb8d7ab2735b16e3f30496
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: dfd2ec3c85fd5751630b07c88d8e305392574cb7b16ade2599fefd9d9cfda41e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3918C34600615DFDB10DF68EA94B5AB7F8FF09314F1081ADE8269B391DB39EA05CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78F2F0 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 103registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000057,5D46D5D7,?,?,?,5D46D5D7,6B7E2480,000000FF), ref: 6B78F32D
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNEL32(80000002,Software\AVAST Software\AvastAdSDK,00000000,00000000,?,5D46D5D7), ref: 6B78F371
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Software\AVAST Software\AvastAdSDK, xrefs: 6B78F36F
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLastOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Software\AVAST Software\AvastAdSDK
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3359735512-3878636103
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2a585c0eec18ccffe12e5eb0a96f41ffa750d02feb5cbdbb748d4c698ccb04e5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4fa7e1d62d51294e9e89c4f9a2d61fce88cf2859dd26cf0a72c1ac8cab2bd70d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a585c0eec18ccffe12e5eb0a96f41ffa750d02feb5cbdbb748d4c698ccb04e5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AE313C70D0620DABEF01CFA4DA55BEEBBB4EF09714F10456AF811BB280D7789604CBA4
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78C380 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 73sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,80000000,00000007,00000000,00000003,08000000,00000000,5D46D5D7,?,?), ref: 6B78C3DD
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B78C3F2
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(?), ref: 6B78C405
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A9C5E: KiUserExceptionDispatcher.NTDLL(E06D7363,00000001,00000003,5D46D5D7,6B820BF8,?,lifetime_object must be allocated on static memory (static or global variable or member of such a variable).,5D46D5D7,00000000,00000000), ref: 6B7A9CBE
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateDispatcherErrorExceptionFileLastSleepUser
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: couldn't obtain file lock$couldn't open file
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1896171869-291797988
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: afb07cab3a6f5f5d65911cbcb80a5715dbdf430d655704f8be01d24cfe2e4d27
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bd2ce0165e38fd68a30bfa881fe2088f2998552a89b34f0d10ad4b96e21babdd
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: afb07cab3a6f5f5d65911cbcb80a5715dbdf430d655704f8be01d24cfe2e4d27
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5321A171944208AFDB20CFA9DD85BAEBBB8EF05711F10063AF519E7680D738A9408B91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7796B0 Relevance: 6.2, APIs: 4, Instructions: 179COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __Cnd_signal.LIBCPMT ref: 6B779766
                                                                                                                                                                                                                                                                                                                                                                                  • __Mtx_unlock.LIBCPMT ref: 6B779776
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(?,?), ref: 6B77982C
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteCriticalSection.KERNEL32(?), ref: 6B779841
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalDeleteSection$Cnd_signalMtx_unlock
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 491612982-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 48a1feb2d7aa5948ecb199624c5bae22c4040e9f9da4c71f0283d33c02579e21
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8d8a806a5499e95be0e5631013164b84d896f75171955ef3545d33dbd4161cd0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 48a1feb2d7aa5948ecb199624c5bae22c4040e9f9da4c71f0283d33c02579e21
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4A518B71A012159FDB10DF24D989B59B3B8EF15728F0442B9E919AB382DB38ED16CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B75C220 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 181synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: CloseHandle.KERNEL32(00000000,5D46D5D7,6B820BF8,00000000,?,?,6B73C54A,?,5D46D5D7,00000000), ref: 6B78AED2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: LeaveCriticalSection.KERNEL32(?), ref: 6B78AF4B
                                                                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,?,5D46D5D7), ref: 6B75C357
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,5D46D5D7), ref: 6B75C37B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: SetEvent.KERNEL32(00000000,5D46D5D7,6B820BF8,?,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B14A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B168
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: LeaveCriticalSection.KERNEL32(?), ref: 6B78B191
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • lifetime_object must be allocated on static memory (static or global variable or member of such a variable)., xrefs: 6B75C3BB, 6B75C3D6
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseHandleLeave$EnterEventObjectSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: lifetime_object must be allocated on static memory (static or global variable or member of such a variable).
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3951272266-2706815617
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b190bc63225a5e5747d3d2262fff593aa2f0040d07e28ef703e7e963ab8cfeca
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0e0976ec4397be635151c8afb861062fe96a2e37e6696f26fc7b849ff21c65a6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b190bc63225a5e5747d3d2262fff593aa2f0040d07e28ef703e7e963ab8cfeca
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4061D7B1C04249AFDB01CFB4CA95B9EBBB8EF05714F10466EE41167390DB7D6944CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B776050 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 140synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: CloseHandle.KERNEL32(00000000,5D46D5D7,6B820BF8,00000000,?,?,6B73C54A,?,5D46D5D7,00000000), ref: 6B78AED2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: LeaveCriticalSection.KERNEL32(?), ref: 6B78AF4B
                                                                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,?,5D46D5D7), ref: 6B776187
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,5D46D5D7), ref: 6B7761AB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: SetEvent.KERNEL32(00000000,5D46D5D7,6B820BF8,?,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B14A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B168
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: LeaveCriticalSection.KERNEL32(?), ref: 6B78B191
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • lifetime_object must be allocated on static memory (static or global variable or member of such a variable)., xrefs: 6B7761EB, 6B776206
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseHandleLeave$EnterEventObjectSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: lifetime_object must be allocated on static memory (static or global variable or member of such a variable).
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3951272266-2706815617
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: de469a516ee059257d4c925cdc871c91b1c6909b12c510c5ace4af37684dffa5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8b053f7fc71bce1fe497660df1cdef78f1770b53b810bae7c1767f93e22ad489
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: de469a516ee059257d4c925cdc871c91b1c6909b12c510c5ace4af37684dffa5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 605190B0C0430D9FCF11DFA4DA99B9EBBB4EB05714F50466AE4247B380D7799A48CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7932D0 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 112synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: CloseHandle.KERNEL32(00000000,5D46D5D7,6B820BF8,00000000,?,?,6B73C54A,?,5D46D5D7,00000000), ref: 6B78AED2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: LeaveCriticalSection.KERNEL32(?), ref: 6B78AF4B
                                                                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,00000000,5D46D5D7,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 6B7933AA
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,00000000,6B7E2A60,000000FF), ref: 6B7933C7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: SetEvent.KERNEL32(00000000,5D46D5D7,6B820BF8,?,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B14A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B168
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: LeaveCriticalSection.KERNEL32(?), ref: 6B78B191
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • lifetime_object must be allocated on static memory (static or global variable or member of such a variable)., xrefs: 6B793410, 6B79342B
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$CloseHandleLeave$EnterEventObjectSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: lifetime_object must be allocated on static memory (static or global variable or member of such a variable).
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3951272266-2706815617
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9edb5d24c6a06d94ca3fd9a7b709c2d3b2f1a75a6a9a98bebad295e887482ea1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 855b4f24eb1b346a9a7f1029aae19188281c5fad6d1e0415c5e857ef68738779
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9edb5d24c6a06d94ca3fd9a7b709c2d3b2f1a75a6a9a98bebad295e887482ea1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7F41B670900219DFDB10EFB4EA45B5EB7B4EF05714F504A2AF825A7280DB3D9945CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B73C4E0 Relevance: 3.8, APIs: 1, Strings: 1, Instructions: 327synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: CloseHandle.KERNEL32(00000000,5D46D5D7,6B820BF8,00000000,?,?,6B73C54A,?,5D46D5D7,00000000), ref: 6B78AED2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: LeaveCriticalSection.KERNEL32(?), ref: 6B78AF4B
                                                                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(?,000000FF,?,5D46D5D7,00000000,00000000), ref: 6B73C627
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: SetEvent.KERNEL32(00000000,5D46D5D7,6B820BF8,?,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B14A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B168
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: LeaveCriticalSection.KERNEL32(?), ref: 6B78B191
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • lifetime_object must be allocated on static memory (static or global variable or member of such a variable)., xrefs: 6B73C67B
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$CloseHandle$EnterEventObjectSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: lifetime_object must be allocated on static memory (static or global variable or member of such a variable).
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1123189050-2706815617
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 84248b89bef97dd2a84ca7b18c1493c5ddac0bec14150f5e4f44255671c13b7a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ef73533108cbfdd8c5ad0cfb4741f9d3324b8fe3bd545a774c3347990ea2b939
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 84248b89bef97dd2a84ca7b18c1493c5ddac0bec14150f5e4f44255671c13b7a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 92C19FB0D05619DFCB00CFA8C64579EBBF4FF49314F1442A9E825A7381D779AA04CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B731430 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 121synchronizationCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: CloseHandle.KERNEL32(00000000,5D46D5D7,6B820BF8,00000000,?,?,6B73C54A,?,5D46D5D7,00000000), ref: 6B78AED2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78AE70: LeaveCriticalSection.KERNEL32(?), ref: 6B78AF4B
                                                                                                                                                                                                                                                                                                                                                                                  • WaitForSingleObject.KERNEL32(8B00059F,000000FF,6B73129E,5D46D5D7,?,?,?,?,?,?,?,?,?,?,?,6B7D76FC), ref: 6B731563
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A720: LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: SetEvent.KERNEL32(00000000,5D46D5D7,6B820BF8,?,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B14A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,00000000,6B7E1B6D,000000FF,?,6B73C606), ref: 6B78B168
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78B0F0: LeaveCriticalSection.KERNEL32(?), ref: 6B78B191
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • lifetime_object must be allocated on static memory (static or global variable or member of such a variable)., xrefs: 6B7315B4
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$Leave$CloseHandle$EnterEventObjectSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: lifetime_object must be allocated on static memory (static or global variable or member of such a variable).
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1123189050-2706815617
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bc787f5af8dc79312d2d1c8d29926f44c1b941c56324f53255841c1b89d85399
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c85fcdbf310c2abb1bd5263f580ec87f43ab77c6c44662b27a013fae43c64aec
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bc787f5af8dc79312d2d1c8d29926f44c1b941c56324f53255841c1b89d85399
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00516EB0C05259DEDB01CFA4C6457DDFBF4BF15314F10826AE415A7781D779AA04CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B72D0C0 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • wsprintfW.USER32 ref: 6B72D1AF
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7A5A: EnterCriticalSection.KERNEL32(6B8200F8,6B821D34,?,?,6B7565BE,6B820C30,5D46D5D7,?,6B7DE401,000000FF), ref: 6B7A7A65
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7A5A: LeaveCriticalSection.KERNEL32(6B8200F8,?,6B7565BE,6B820C30,5D46D5D7,?,6B7DE401,000000FF), ref: 6B7A7AA2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7A10: EnterCriticalSection.KERNEL32(6B8200F8,?,?,6B756628,6B820C30,?,6B7DE401,000000FF), ref: 6B7A7A1A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7A10: LeaveCriticalSection.KERNEL32(6B8200F8,?,6B756628,6B820C30,?,6B7DE401,000000FF), ref: 6B7A7A4D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7A10: WakeAllConditionVariable.KERNEL32(?,6B820C30,?,6B7DE401,000000FF), ref: 6B7A7AC4
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave$ConditionVariableWakewsprintf
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %02X
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 501515697-436463671
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 629b3703edbb76156ec504df461d552eccf088490e48c6ed4111e90ce5f99d93
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 679a00ae9320d6925187dcfc8600d3972c2b191a84f48d0bd9c108c363bb385f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 629b3703edbb76156ec504df461d552eccf088490e48c6ed4111e90ce5f99d93
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D9419071D40249ABDB04CFA4DA49B9EBBB5EF45314F00822AF51597290D77CA684CBD4
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B791A20 Relevance: 3.2, APIs: 2, Instructions: 171COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_is_nonwritable_in_current_image.LIBCMT ref: 6B791B1D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7D30: InitializeSListHead.KERNEL32(6B820120,6B791AB1,?,?,?,00000000,6B7A8970,6B80E2B8,000000FE), ref: 6B7A7D35
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_uninitialize_crt.LIBCMT ref: 6B791C1D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: HeadInitializeList___scrt_is_nonwritable_in_current_image___scrt_uninitialize_crt
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 953606248-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9ee6845117e97a0bb2e4aadc2ac16570805a4a84004f589b135924f7835eb70d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b3cbd393507df4cccf001a0db7b58c90f454da3ca42cce315b63b126ed30d032
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9ee6845117e97a0bb2e4aadc2ac16570805a4a84004f589b135924f7835eb70d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5A513771909215EBDB04EF78EA05B9DB7B9EB02758F00027AF804A7680E73E5514CBF1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7C55FF Relevance: 3.0, APIs: 2, Instructions: 22memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(00000000,00000000,?,6B7D076A,?,00000000,?,?,6B7D0A0B,?,00000007,?,?,6B7CFE96,?,?), ref: 6B7C5615
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,6B7D076A,?,00000000,?,?,6B7D0A0B,?,00000007,?,?,6B7CFE96,?,?), ref: 6B7C5620
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 485612231-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cb055bfe7873766b46f7c3efc4fdeecdd000eaa43e2866112798cf1a383690aa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d310feb3f826d09798d46626a5b9c082eebc8fa09ab3e4439864f0f90db96ba6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cb055bfe7873766b46f7c3efc4fdeecdd000eaa43e2866112798cf1a383690aa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 71E08C32120208ABCF111FA4E909B9A7B68AF01799F1044B8FB199A150CB7AC950CF9A
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B74C060 Relevance: 3.0, APIs: 2, Instructions: 503COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(6B821DE8,5D46D5D7,?), ref: 6B74C097
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(6B821DE8,?,?,00000000,00000000), ref: 6B74C9F0
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bb52008d1d0e7c79b464775049cd2f6d91ed4527f126b3bf675e0ac211ef9833
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6c6f3c0f64de226b42a258e429e26e5d8c4a6a5285f4d732a7b7e8091217c00b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bb52008d1d0e7c79b464775049cd2f6d91ed4527f126b3bf675e0ac211ef9833
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9F520770C05268CBDB21CF24CA587DEBBB4AF15309F5081E9D4496B292DBB95BC8CF91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78A720 Relevance: 2.6, APIs: 2, Instructions: 114COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32 ref: 6B78A7A2
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00000000,?,?,?), ref: 6B78A7DA
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 22d2ba6dd46f4e06b2756cf7a4b6d32c89ccbf206b48c435a3311e44cb7801ad
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c3d3f003ee8bf3b7b7625355bbf23e635d44d4a51ddeb124bf089f61aea8f421
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 22d2ba6dd46f4e06b2756cf7a4b6d32c89ccbf206b48c435a3311e44cb7801ad
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D5417E309046499BCF05CF68D6446AEBBB4FF4A314F1042BEF416A7B80D73CA945CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78FCD0 Relevance: 2.6, APIs: 2, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78F420: SetLastError.KERNEL32(00000057,5D46D5D7,00000000,5D46D5D7,00000000), ref: 6B78F471
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B78FD72
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000), ref: 6B78FD83
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3f61648689d06369680c685e93846eb388acfff3218bf897300d5665e4a24459
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 43e8d6b38e08fcba93792909f21df5b38eac62268564da413ddc3426fd550341
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3f61648689d06369680c685e93846eb388acfff3218bf897300d5665e4a24459
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9C219A72C00659DFCF10CFA4CA54BAEBBB4FF49714F10466AE811BB240D739AA05CBA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78FBF0 Relevance: 2.6, APIs: 2, Instructions: 67COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78F420: SetLastError.KERNEL32(00000057,5D46D5D7,00000000,5D46D5D7,00000000), ref: 6B78F471
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,5D46D5D7), ref: 6B78FC8C
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,5D46D5D7), ref: 6B78FC9D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4719bfdc8a157f04746690602fbcca81520c63e85e45548c4e4d69c468af072f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 56457307c8d55406de6ee94cc65d16aa2b5f68f502a37052c8d8c3f2e5b952a9
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4719bfdc8a157f04746690602fbcca81520c63e85e45548c4e4d69c468af072f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C7214C72D002199BDF10CFA4CA45BDEBBF4EF49714F114669E811BB280E779AA44CBA4
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78F920 Relevance: 2.6, APIs: 2, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78F420: SetLastError.KERNEL32(00000057,5D46D5D7,00000000,5D46D5D7,00000000), ref: 6B78F471
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 6B78F9AB
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000), ref: 6B78F9BC
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1452528299-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c72f04e816569befc6b9367a1bdea8c2cd853c9afe419eaef8200bbab4ec4103
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3a2edb62110798b22d49b49b3c43b0d54744c241ef29399da670c775abb38934
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c72f04e816569befc6b9367a1bdea8c2cd853c9afe419eaef8200bbab4ec4103
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6B115C72D00219ABCF10CFA4C949BEEBBB4FF45714F10462AE8117B240E77966058BE1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78A870 Relevance: 1.6, APIs: 1, Instructions: 106COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A9A0: CreateEventW.KERNEL32(00000000,00000001,00000000,00000000,?,?,?,?,6B78A88F), ref: 6B78A9BC
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78A9A0: CloseHandle.KERNEL32(00000000,?,?,?,?,?,6B78A88F), ref: 6B78A9DD
                                                                                                                                                                                                                                                                                                                                                                                  • SetEvent.KERNEL32(00000000), ref: 6B78A890
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Event$CloseCreateHandle
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 585692533-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: caa573b2c12efd53fe4613d67f4aec4fc30a3692b6d58b6fd38079caa5774223
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ca01d5fedecc00721549c46bc2f24d1351a8686b1737fd82ea7376e34c78ac96
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: caa573b2c12efd53fe4613d67f4aec4fc30a3692b6d58b6fd38079caa5774223
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 95411674A0420ACFCF05CF68D59466DBBB1BF49310F5540B9E91AAB380CB38E941CBD1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B791B90 Relevance: 1.6, APIs: 1, Instructions: 93COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A7D3C: ___std_type_info_destroy_list.LIBVCRUNTIME ref: 6B7A7D41
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B791C43: ___scrt_release_startup_lock.LIBCMT ref: 6B791C4B
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_uninitialize_crt.LIBCMT ref: 6B791C1D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ___scrt_release_startup_lock___scrt_uninitialize_crt___std_type_info_destroy_list
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3119586018-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 594517b5476be0522962b3c9a2a5d8d30f0fc903e85f89f83cd35ffd0b0403a9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ff732ce7eadc4b68267c59eeec27d8c67fddb45cb1952c4377e1a7d3b4958aa1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 594517b5476be0522962b3c9a2a5d8d30f0fc903e85f89f83cd35ffd0b0403a9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2C318F72504219EBCB04FFB9FA05BAD73A9EB42754F00466AF41897680DB3D9414C7F5
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B791EF0 Relevance: 1.6, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___std_exception_destroy.LIBVCRUNTIME ref: 6B791FBF
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ___std_exception_destroy
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4194217158-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: aa3d07a46375ce77e8927a3fd61f2d910126010087f89c9e822d7cb683d8e967
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 556c234ef594cbf9eb59d472a66687e26dcc9352e79be5349db3c57105a78b5a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aa3d07a46375ce77e8927a3fd61f2d910126010087f89c9e822d7cb683d8e967
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C121E772D04648AFC710DF58D905B9EF7FCEB09710F10466AF815A3780D739AA00CBA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7342D0 Relevance: 1.6, APIs: 1, Instructions: 78COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CallNtPowerInformation.POWRPROF(00000004,00000000,00000000,?,0000004C,5D46D5D7), ref: 6B73432A
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CallInformationPower
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3647440314-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 189bbed56c96faa31fa5426b606ad1701e7e69612fc0c6fd9b85c2c36982659b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 53fea50f9b3b7181cb01aa864c38c25460f66b82d4efc6dc8f3f3ac4a0cd15b5
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 189bbed56c96faa31fa5426b606ad1701e7e69612fc0c6fd9b85c2c36982659b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 362191B0A003189BDB14CFA4C90AB9EBBB9FB45B14F00462EF515AF3C0D779A904C794
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B72DA20 Relevance: 1.6, APIs: 1, Instructions: 52COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CallNtPowerInformation.POWRPROF(00000005,00000000,00000000,?,00000020), ref: 6B72DA6D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CallInformationPower
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3647440314-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 092fcb501a509b10f81a0c7cb97d216a9de40f33ec17f293266a8f41670744d0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 994a041008ce68fe8bed2eabd71b4ae805634d74706135b88e84b2d0e6ce0cad
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 092fcb501a509b10f81a0c7cb97d216a9de40f33ec17f293266a8f41670744d0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AC118F71E44759EBDB10CF64D945B9EBBF4FF09704F10421EF805AB280E77966448B84
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7A9C5E Relevance: 1.5, APIs: 1, Instructions: 43COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • KiUserExceptionDispatcher.NTDLL(E06D7363,00000001,00000003,5D46D5D7,6B820BF8,?,lifetime_object must be allocated on static memory (static or global variable or member of such a variable).,5D46D5D7,00000000,00000000), ref: 6B7A9CBE
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: DispatcherExceptionUser
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 6842923-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0b50d207a53513461bfde2f931f7a04a7ed88d2006957a2a2c22bd7041a5e95a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ac9283fc851edb2c060d8cf4be10def19d10f928e4b54cb57e41f51e65507ba8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0b50d207a53513461bfde2f931f7a04a7ed88d2006957a2a2c22bd7041a5e95a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C601F275900608AFDB019F68D580BAEBBF9FF44300F0141A9F916AB391D772E901CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B7C8668 Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000,00000001,5D46D5D7,?,6B7A8AF8,5D46D5D9,5D46D5D7,?,6B820BF8,?,6B7925B1,?,?), ref: 6B7C869A
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7cf1a1d648f966d4f670f0270e98f778ea257c478768f8d92c45ea0c18c7abf8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f4999ad5608e228c95e913778f1446f6d816c14d3248516c5c336073ed6f8165
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7cf1a1d648f966d4f670f0270e98f778ea257c478768f8d92c45ea0c18c7abf8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 57E0E5355011255FEB211A79CF04BAF37889F027A4F0101B8BD16BA1C2CB2CC80185E7
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B791E70 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___security_init_cookie.LIBCMT ref: 6B791E79
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B7A82D2: ___get_entropy.LIBCMT ref: 6B7A82EC
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ___get_entropy___security_init_cookie
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 864368843-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ab65898fb40d0fc70565679163d745a35d1e178a321267d80481b4a3f429498f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4e88a5d6f6616817cc7b7307a7f2680c3e0cfc0655087c2a1a3dd006ac57a75b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ab65898fb40d0fc70565679163d745a35d1e178a321267d80481b4a3f429498f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 14D0127550061CBB8B00AF60FA0595E776DAB50324F40C025FC1806B10D735EA70DA91
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B78D9C0 Relevance: 1.3, APIs: 1, Instructions: 79COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,5D46D5D7,6B736C80,?,6B769909,6B7DF635,?,installed,5D46D5D7,6B7F5920,?,?,?,00000000,6B7DF635,000000FF), ref: 6B78D9F6
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78C6E0: LockFileEx.KERNEL32(00000000,00000000,00000000,000000FF,00000000,?), ref: 6B78C7CA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78C6E0: UnlockFileEx.KERNEL32(?,00000000,FFFFFFFF,00000000,?), ref: 6B78C7FA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78C6E0: SetLastError.KERNEL32(00000000,?), ref: 6B78C811
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B78C6E0: CloseHandle.KERNEL32(00000000), ref: 6B78C82C
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFileLast$CloseHandleLockUnlock
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2894595324-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b2fb7dd3d5ae85c5d6beed66ed62010a45cefa126c52093b4ec00c0441c1adbe
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d8e14821afed8e7ece2af21357049e6adc20e8263c8bd164967ab4f41f5792d6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b2fb7dd3d5ae85c5d6beed66ed62010a45cefa126c52093b4ec00c0441c1adbe
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5A216F72A041099BCB04DFB4CA05BDDB7F9EF48214F10426AF915B7250EB39AE14CBA4
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B75CB60 Relevance: 1.3, APIs: 1, Instructions: 43sleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(00000001,5D46D5D7), ref: 6B75CBCF
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Sleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3472027048-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 75a1cb2e750f80a73d2c967c0d102a2c2c348581264052c73cc027511731bef1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1c7788d2e64367810e70cf0a2249e95598b6e1f27a6dee85aff72ebaf28816c2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 75a1cb2e750f80a73d2c967c0d102a2c2c348581264052c73cc027511731bef1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F1116D32C14A4DDBCB11DFA8DA46B9DF7B8EB0B714F10426AE814A7240DB3996D4CBC1
                                                                                                                                                                                                                                                                                                                                                                                  Function 6B728700 Relevance: 1.3, APIs: 1, Instructions: 31COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • InitializeCriticalSection.KERNEL32(6B821F10), ref: 6B72872D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: GetModuleHandleW.KERNEL32(Kernel32.dll), ref: 6B794173
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: GetProcAddress.KERNEL32(00000000,QueryUnbiasedInterruptTime), ref: 6B794183
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794110: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 6B7941B5
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 6B794210: GetSystemTimes.KERNEL32(?,?,?), ref: 6B794235
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000000.00000002.2820878821.000000006B721000.00000020.00000001.01000000.0000000A.sdmp, Offset: 6B720000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2820069723.000000006B720000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2823648359.000000006B7E5000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2824108671.000000006B812000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2825578616.000000006B813000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826231763.000000006B814000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826628735.000000006B815000.00000008.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2826973367.000000006B81F000.00000004.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000000.00000002.2827457833.000000006B823000.00000002.00000001.01000000.0000000A.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_0_2_6b720000_lw2HMxuVuf.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressCriticalHandleInitializeModuleProcSectionSystemTimesUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1701552186-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1a83eceb647b19827b929a79b5aae70f6893a6b64075802774ae5443bfca03e8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6a0aec382c6adccda33851e034d0cfbb1e2dfd2aed700f4c00e3ce438aa75a6d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a83eceb647b19827b929a79b5aae70f6893a6b64075802774ae5443bfca03e8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 46F0D6A1C187D986D710AB34E90526DB760BBAB348F10E71AFCB817515FB35A6D4C3C2

                                                                                                                                                                                                                                                                                                                                                                                  Executed Functions

                                                                                                                                                                                                                                                                                                                                                                                  Function 009CBC3B Relevance: 141.1, APIs: 23, Strings: 57, Instructions: 1121timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009CBC45
                                                                                                                                                                                                                                                                                                                                                                                  • GetCommandLineW.KERNEL32(LoadConfig,00000000), ref: 009CBCC8
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(?), ref: 009CBCE2
                                                                                                                                                                                                                                                                                                                                                                                  • GetDateFormatW.KERNEL32(00000000,00000000,?,yyyy'-'MM'-'dd,00000000,00000040,00000040), ref: 009CBD07
                                                                                                                                                                                                                                                                                                                                                                                  • GetTimeFormatW.KERNEL32(00000000,00000000,?,HH':'mm':'ss,00000000,00000040,00000040), ref: 009CBD29
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersionExW.KERNEL32(00A72630,?,000002B4,009BB8DB), ref: 009CBD6F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,000002B4,009BB8DB), ref: 009CBD79
                                                                                                                                                                                                                                                                                                                                                                                  • GetNativeSystemInfo.KERNELBASE(00A7274C,?,000002B4,009BB8DB), ref: 009CBD9B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FormatSystemTime$CommandDateErrorH_prolog3_InfoLastLineNativeVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %hu$C:\$Cannot query processor power info info, ntst=%X$Cannot query version info, gle=%u$Config$ConnectionCheck$ConnectionTimeout$ConnectivityStep$ConnectivityTimeout$CopyBufferSize$CryptCATAdminAcquireContext2$Current build version: %s$Current update version: %d$Current version: %d$Data folder: %s$DisableBits$F$Geo: %s$Guid: %s$HH':'mm':'ss$Icarus$IniDescriptor$Installer: %s$Instup$JobIntervalHours$Key path: %s$LastAppliedPatchId$LoadConfig$Midex: %s$ModuleId: %s$Product$ProductId: %s$Program folder: %s$ProxyAddress$ProxyCredentialsEnabled$ProxyEnabled$ProxyPassword$ProxyPort$ProxyUsername$Registry$Setup\$Sha256 driver signatures are NOT SUPPORTED$Suite: %s$TemporaryDir$UTC: %s %s$Unable to load product config, gle=%u$UseOwnDnsQuery$Windows %u.%u.%u %s, build: %s$XmlDescriptor$Yes$arm64$drivers\$http://emupdate.avcdn.net/files/emupdate/pong.txt$wintrust.dll$x64$x86$yyyy'-'MM'-'dd
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 922403544-535768371
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 82c6d65090f3bb1fafe65bbb638925c9e71fd458b89b19ea551bde236fdbf9bd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 87456b5a23a16da3233ea4b61c2a16cc9572fee8f0b925ba74786c05b8492baf
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 82c6d65090f3bb1fafe65bbb638925c9e71fd458b89b19ea551bde236fdbf9bd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4AA2E130904249AEDB24EBA0DE5AFED7B79AF50315F1080DDE409671E2EB755EC8CB12
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E4904 Relevance: 116.4, APIs: 45, Strings: 21, Instructions: 869networksleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E4B4F
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E4B60
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(00000000), ref: 009E4B6D
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?), ref: 009E4B7A
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCloseHandle.WINHTTP(?), ref: 009E4B87
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpOpen.WINHTTP(00000000,00000000,00000000,00000000), ref: 009E4C96
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpOpen.WINHTTP(00000003,?,00000000,00000000), ref: 009E4D09
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,00000003,?,00000004), ref: 009E4D3E
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,00000007,?,00000004), ref: 009E4D54
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,00000006,?,00000004), ref: 009E4D6A
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,00000005,?,00000004), ref: 009E4D80
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesExW.KERNEL32(?,00000000,?), ref: 009E4D9F
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 009E4E05
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E4E0D
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009E4E26
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpCrackUrl.WINHTTP(?,00000000,00000000,?), ref: 009E4E4E
                                                                                                                                                                                                                                                                                                                                                                                  • DnsQuery_W.DNSAPI(?,00000001,00000000,00000000,?,00000000), ref: 009E4E8E
                                                                                                                                                                                                                                                                                                                                                                                  • DnsFree.DNSAPI(?,00000001), ref: 009E4ECA
                                                                                                                                                                                                                                                                                                                                                                                  • DnsQuery_W.DNSAPI(?,00000001,00000048,00000000,?,00000000), ref: 009E4F28
                                                                                                                                                                                                                                                                                                                                                                                  • DnsFree.DNSAPI(?,00000001), ref: 009E4F8A
                                                                                                                                                                                                                                                                                                                                                                                  • inet_ntoa.WS2_32(?), ref: 009E4F99
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpConnect.WINHTTP(?,?,00000000,00000000), ref: 009E501C
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E502C
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpOpenRequest.WINHTTP(?,?,?,00000000,00000000,00000000,00000100,GET,?,?), ref: 009E50F7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E5109
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpGetProxyForUrl.WINHTTP(?,?,?,?), ref: 009E517E
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,00000026,?,0000000C), ref: 009E5194
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetCredentials.WINHTTP(00000000,00000000,00000001,00000000,?,00000000), ref: 009E51C1
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(?,00001002,00A71358,00000000), ref: 009E51EE
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(?,00001003,00A71358,00000000), ref: 009E520C
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSetOption.WINHTTP(00000000,0000001F,00000100,00000004), ref: 009E523A
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpAddRequestHeaders.WINHTTP(00000000,?,000000FF,10000000), ref: 009E5264
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpSendRequest.WINHTTP(00000000,00000000,00000000,00000000,00000000,?,00000000), ref: 009E5295
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E529F
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpAddRequestHeaders.WINHTTP(00000000,?,000000FF,10000000), ref: 009E52D1
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Http$Option$ErrorFreeLastRequest$CloseHandleOpen$FileGlobalHeadersQuery_$AttributesConnectCrackCredentialsDeleteProxySendSleepinet_ntoa
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: $%hs$%s:%hu$2$<$Download CopyFileOrBufferToResource failed, error: %u$Download WinHttpSendRequest continue:%u failed, error: %u$GET$HEAD$HTTP status WinHttpQueryHeaders failed, error: %u$Host: $POST$PerformRemoteHttpOp$PerformRemoteHttpOp: Url: %s$Range: bytes=%u-$Upload CopyFileOrBufferToResource failed, error: %u$Upload WinHttpSendRequest failed, error: %u$WinHttpConnect failed %s:%hu, error: %u$WinHttpOpenRequest verb:%s path:%s flags:0x%08X failed, error: %u$Wrong HTTP status code returned, status: %u$`aro
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1242012881-2370996187
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 22e4bf3d3ff614e8b982c0b9fa6b6a5391f71413ec66dbacb28c34af14f2f36f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7bfeec20e901364a4ed779d5a4ddc5d0f5c989ad0a0c57fdf32886ebcf663ff1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 22e4bf3d3ff614e8b982c0b9fa6b6a5391f71413ec66dbacb28c34af14f2f36f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D662A271D01259AEEF27CB66CC45BAAB7BCAB04304F1544EAE409E3290E7B49FC58F51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F34D0 Relevance: 39.3, APIs: 13, Strings: 9, Instructions: 830filelibraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersion.KERNEL32(11C5A2E7,?,?), ref: 009F353D
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(kernel32.dll,GetSystemFirmwareTable,?,?), ref: 009F356E
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 009F3575
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemFirmwareTable.KERNELBASE(?,?), ref: 009F3598
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,?,?), ref: 009F3E36
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressFileFirmwareHandleModuleProcSystemTableUnmapVersionView
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %d/%d/%d$,$@$GetSystemFirmwareTable$NtOpenSection$_DMI$_SM_$kernel32.dll$ntdll.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1721071831-3966824023
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ccb6c8995260669cdf77e66f60733f38b0485412c70e63935381a8b21fe186c0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 822879bbba72d4b2da4485eab28b2f6927e7ce9f3f27f51085026a93214113ed
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ccb6c8995260669cdf77e66f60733f38b0485412c70e63935381a8b21fe186c0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2962F471D0024D8BDB25CFA4C8517BEBBBAAF04314F188159EA95A7382D77DEE46CB40
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F2AF0 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 256fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,C0000000,00000003,00000000,00000003,00000000,00000000), ref: 009F2BEB
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009F2BF9
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateErrorFileH_prolog3HeapLastProcess
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3192203425-3292898883
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b6212241c89bebc53a33111a9c6635583c6f62b43b49c5c442a1c49d8d63f60a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9342b62e8e122af5ad0a11a16fc5bdae7ebe64ee916ac8a0c86e701f857cf9c4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b6212241c89bebc53a33111a9c6635583c6f62b43b49c5c442a1c49d8d63f60a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ABA1FE71D003499FEB10CFA8CC46BEEBBB8FF59310F204259E654AB291E774A945CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F2E10 Relevance: 16.0, APIs: 8, Strings: 1, Instructions: 222fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,C0000000,00000003,00000000,00000003,00000000,00000000), ref: 009F2EF6
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009F2F04
                                                                                                                                                                                                                                                                                                                                                                                  • DeviceIoControl.KERNELBASE(00000000,00074080,00000000,00000000,?,00000018,00000000,00000000), ref: 009F2F28
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009F2F32
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,00000000), ref: 009F304A
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CloseControlCreateDeviceFileH_prolog3HandleHeapProcess
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 914384026-3292898883
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5e2e5360a13fc695bb3975c2a6ad7b24beb526b5c24b3bd88aeee60e2ce99b79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9e2881530daa6fed471cfd09cc9b37edd5ff2d727789bf3ab52100d2529ecc22
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5e2e5360a13fc695bb3975c2a6ad7b24beb526b5c24b3bd88aeee60e2ce99b79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EE81AE71D00309DFEB10CFA4CD46BAEBBB4FF58714F244229E615AB291DB74AA41CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009EF2A0 Relevance: 14.2, APIs: 6, Strings: 2, Instructions: 206libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemInfo.KERNELBASE(?), ref: 009EF2BA
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersionExW.KERNEL32(0000011C), ref: 009EF31D
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersionExW.KERNEL32(0000011C), ref: 009EF338
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(NTDLL.DLL,RtlGetVersion,00000101), ref: 009EF353
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 009EF35A
                                                                                                                                                                                                                                                                                                                                                                                  • RtlGetVersion.NTDLL ref: 009EF39B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Version$AddressHandleInfoModuleProcSystem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: NTDLL.DLL$RtlGetVersion
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 335284197-196638859
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3ad3a55edcdcda055d80a116bf40c08b1d167a5db7fbda98d9b73c1a1d9ca7ff
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 41d3b7d5cacb37d16719ae6fb7717d3d04d911b32809adb13b1ddb991627d1a2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3ad3a55edcdcda055d80a116bf40c08b1d167a5db7fbda98d9b73c1a1d9ca7ff
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7A7195B16052A987EF2A8E4AD8787B97265FB14300F2408FBF61797690DB388D805F56
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F2870 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 210fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                  • GetVersion.KERNEL32(?,00000000), ref: 009F28DC
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,00000000,00000003,00000000,00000003,00000000,00000000,?,00000000), ref: 009F2903
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000), ref: 009F2913
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?,00000000), ref: 009F2A8E
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateErrorFileH_prolog3HandleHeapLastProcessVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\.\PhysicalDrive%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2386529336-3292898883
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3337e2bc48e305504d065f2110c1a50817a0e0eebde5f4cc38c6dd65de22507e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 17b2c84fa2d5e773bd1abba570ff59491b4e2477f4098a3c558f0eb922eb0404
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3337e2bc48e305504d065f2110c1a50817a0e0eebde5f4cc38c6dd65de22507e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A371C07190020A9FDB24DFA8CD45BBEB7B8EF48314F144629EA11A72D1DB74AD41CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D4221 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 101comCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_align.LIBCMT ref: 009D422A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8C50: VerSetConditionMask.NTDLL ref: 009D8CB3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8C50: VerSetConditionMask.NTDLL ref: 009D8CB7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8C50: VerSetConditionMask.NTDLL ref: 009D8CBB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8C50: VerifyVersionInfoW.KERNEL32(0000011C,00000023,00000000), ref: 009D8CDD
                                                                                                                                                                                                                                                                                                                                                                                  • VariantInit.OLEAUT32(?), ref: 009D426A
                                                                                                                                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(00A52C50,00000000,00000017,00A52C20,00A71394,?,009D47F1,RegisterJob_1,?), ref: 009D4287
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D429C
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D42EB
                                                                                                                                                                                                                                                                                                                                                                                  • CoCreateInstance.OLE32(00A52BE0,00000000,00000017,00A52BF0,00A71394,PrepareSchedulerInterface,00000000,00000020,00000008,009D4340,?,009D47F1,RegisterJob_1,?), ref: 009D430C
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • PrepareSchedulerInterface, xrefs: 009D423A
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ConditionMaskVariant$ClearCreateInstance$H_prolog3_alignInfoInitVerifyVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: PrepareSchedulerInterface
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 515628685-1452121817
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 26288b82b0dbed75114b4d228510fa60d0b797b48ea80b38bf0ef960214d3473
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 784b40072341d5ab9f72a7045d3b2b9681666cacfed99bea847a3936f4039589
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 26288b82b0dbed75114b4d228510fa60d0b797b48ea80b38bf0ef960214d3473
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9931B332950619BBDB01EFF8EE0ABEFB775BF09711F100419F901BB191DAB59A048B91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D0058 Relevance: 10.6, APIs: 7, Instructions: 90memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(00000008,?), ref: 009D0086
                                                                                                                                                                                                                                                                                                                                                                                  • OpenProcessToken.ADVAPI32(00000000), ref: 009D008D
                                                                                                                                                                                                                                                                                                                                                                                  • AllocateAndInitializeSid.ADVAPI32(?,00000001,00000012,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?), ref: 009D00AD
                                                                                                                                                                                                                                                                                                                                                                                  • GetTokenInformation.KERNELBASE(?,00000001(TokenIntegrityLevel),00000000,?,?), ref: 009D00D9
                                                                                                                                                                                                                                                                                                                                                                                  • EqualSid.ADVAPI32(00000000,?), ref: 009D00E8
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSid.ADVAPI32(?), ref: 009D0106
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNELBASE(?), ref: 009D0117
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ProcessToken$AllocateCloseCurrentEqualFreeHandleInformationInitializeOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3347031116-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 772694e50c251ac8c9a5b482633f37faf97f2bd13d2a2ca8fe06be9da55e318c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ed49d577e7e223f1371fef5be69953e338f1c49ca0a6a29fb96f8d82aace73ab
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 772694e50c251ac8c9a5b482633f37faf97f2bd13d2a2ca8fe06be9da55e318c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3E212D71E4021AAFDB10DFE1DD45AAFBBB8FF49350F10442AF601E2250DB749A01CAA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F11B0 Relevance: 7.9, APIs: 3, Strings: 1, Instructions: 943COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(00A727E8,11C5A2E7), ref: 009F11E8
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(00A727E8), ref: 009F1FE7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA70E: HeapAlloc.KERNEL32(?,00000000,?,11C5A2E7,00000000,00A2C400,000000FF,?,?,00A6C524,?,?,009BA5B1,80070057,?,009B94EB), ref: 009BA754
                                                                                                                                                                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMT ref: 009F2019
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$AllocConcurrency::cancel_current_taskEnterHeapLeave
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ritySN
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2391443163-3699711553
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 40d38709ef6b76373c6b68d134c9bf645ce53c67920d0f30a370b0e519339aef
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 062cd33f3d0ac1ab09598afdc31cc063e5e2f480ba1f7ad23666532598484190
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 40d38709ef6b76373c6b68d134c9bf645ce53c67920d0f30a370b0e519339aef
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 65923670D01259CBDB24CF28CD88BEDBBB5AF45304F1482E9D518AB291EB759E85CF81
                                                                                                                                                                                                                                                                                                                                                                                  Function 009EC220 Relevance: .6, Instructions: 638COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d533caa472e0368bc5709cb3091bdac660b53ad8a3af880e1597ff84c486947f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8ecbe112c1d3b643992ca1c4be62bbd99816e4eec766d467d14696070e8cc768
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d533caa472e0368bc5709cb3091bdac660b53ad8a3af880e1597ff84c486947f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D03285B1A001698FDF25CE15CC80BADB7B6EBD4314F0545E9E859E7341D632AE96CF80
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E9410 Relevance: .3, Instructions: 307COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3c8dde5f2d6d963d40a34f9b20a3db5403b51058ca7cdd608b31145a2c0dddb8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 58324af2b44cee8a4de69bf6a744c965497282c2cbff589e394dd96081be8110
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c8dde5f2d6d963d40a34f9b20a3db5403b51058ca7cdd608b31145a2c0dddb8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 11B1C37290025C9BDF22DE55DC84FEAB3BDFB94314F1045AAF90A93141EE71AE89CA50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BB169 Relevance: 91.7, APIs: 11, Strings: 41, Instructions: 714COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeLibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$/applycab$/applydiff$/applydll$/applypatch$/applyupdate$/autoversion$/checkreg$/creatediff$/debug$/debugdbgout$/debugfile$/emupdater$/installer$/nokeypress$/offlinexml$/reg$/start$/unreg$/updater$An Administrator or LocalSystem account required!$ApplyEmUpdate$Diff file: %s$Diff file: %s missing$Done with %s$File %s already exists$FreeSchedulerInterface$Global\CCleanerSetupMutex$Going to %s %s file$Job "%s" started manually with status:%li$New file: %s$New file: %s missing$Old file: %s$Old file: %s missing$_tWinMain final result: %u$apply$create$diff$failure$success$usage: %s %s old_file new_file diff_file
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2820425437-1244854605
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6b8081a9cbe96122c63c9fd017f8044d81fd771cb4913c45563b8040ef50c9fd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 453986a03c5f82349ffe8328f9a4f66390fe42c2fe96b52d2bb9c65f85373904
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6b8081a9cbe96122c63c9fd017f8044d81fd771cb4913c45563b8040ef50c9fd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5342233090820AEFDF21EBA4DA56BED3BB5AF55334F140069F8016B1E2DBB19C45CB52
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E5A0C Relevance: 68.8, APIs: 30, Strings: 9, Instructions: 594networksleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1132 9e5a0c-9e5ba3 call a06930 call 9ce6cc call a07e10 call 9baaed * 2 1143 9e624d 1132->1143 1144 9e5ba9-9e5bab 1132->1144 1146 9e6257-9e62ac call 9baacb * 2 call 9ce740 call a05c9e 1143->1146 1144->1143 1145 9e5bb1-9e5bb4 1144->1145 1145->1143 1147 9e5bba-9e5bc8 1145->1147 1150 9e5bca-9e5bcc 1147->1150 1151 9e5bd2-9e5bd5 1147->1151 1150->1143 1150->1151 1152 9e622a-9e623d call 9e4904 1151->1152 1153 9e5bdb-9e5bde 1151->1153 1160 9e6242-9e624b 1152->1160 1153->1152 1155 9e5be4-9e5bfb call 9ce1d8 1153->1155 1163 9e5bfd-9e5c03 1155->1163 1164 9e5c16-9e5c1d 1155->1164 1160->1146 1163->1164 1166 9e5c05-9e5c10 1163->1166 1168 9e5c2e-9e5c35 1164->1168 1169 9e5c1f-9e5c29 1164->1169 1166->1143 1166->1164 1170 9e5c37-9e5c4f InternetOpenW 1168->1170 1171 9e5c51-9e5c91 call 9ba338 InternetOpenW 1168->1171 1169->1146 1172 9e5c97-9e5c99 1170->1172 1171->1172 1172->1146 1175 9e5c9f-9e5ca6 1172->1175 1176 9e5ca8-9e5cb2 1175->1176 1177 9e5cb7-9e5ccb InternetSetOptionW 1175->1177 1178 9e6221-9e6228 InternetCloseHandle 1176->1178 1177->1178 1179 9e5cd1-9e5ce5 InternetSetOptionW 1177->1179 1178->1146 1179->1178 1180 9e5ceb-9e5cff InternetSetOptionW 1179->1180 1180->1178 1181 9e5d05-9e5d07 1180->1181 1182 9e5d0a-9e5d17 1181->1182 1182->1182 1183 9e5d19-9e5d39 call a1cd7a 1182->1183 1186 9e5d4a-9e5d60 InternetCanonicalizeUrlW 1183->1186 1187 9e5d3b-9e5d45 1183->1187 1188 9e5d66-9e5d68 1186->1188 1189 9e6204-9e6218 call a0f917 1186->1189 1187->1178 1191 9e5d6a-9e5d7d GetFileAttributesExW 1188->1191 1192 9e5d90-9e5d97 1188->1192 1189->1178 1197 9e621a-9e621b InternetCloseHandle 1189->1197 1191->1192 1194 9e5d7f-9e5d8a 1191->1194 1195 9e5d99-9e5d9b 1192->1195 1196 9e5e16-9e5e2f InternetCrackUrlW 1192->1196 1194->1192 1195->1196 1200 9e5d9d-9e5da7 1195->1200 1198 9e5e40-9e5e49 1196->1198 1199 9e5e31-9e5e3b 1196->1199 1197->1178 1203 9e5e4b-9e5e4e 1198->1203 1204 9e5ea1-9e5ea9 1198->1204 1199->1189 1201 9e5ddd 1200->1201 1202 9e5da9-9e5dbf DeleteFileW GetLastError 1200->1202 1206 9e5de3-9e5df4 DeleteFileW GetLastError 1201->1206 1202->1196 1205 9e5dc1-9e5dc4 1202->1205 1209 9e5e82-9e5e8a 1203->1209 1210 9e5e50-9e5e53 1203->1210 1207 9e5eab-9e5eae 1204->1207 1208 9e5eb5-9e5eb8 1204->1208 1213 9e5dcb-9e5dd9 Sleep 1205->1213 1214 9e5dc6-9e5dc9 1205->1214 1215 9e5df6-9e5df9 1206->1215 1216 9e5e10 1206->1216 1207->1208 1219 9e5e99-9e5e9f 1208->1219 1217 9e5e8c-9e5e8f 1209->1217 1218 9e5e96 1209->1218 1211 9e5e5a-9e5e62 1210->1211 1212 9e5e55-9e5e58 1210->1212 1221 9e5e7e-9e5e80 1211->1221 1222 9e5e64-9e5e6b 1211->1222 1212->1211 1220 9e5eba 1212->1220 1213->1202 1223 9e5ddb 1213->1223 1214->1196 1214->1213 1224 9e5dfb-9e5dfe 1215->1224 1225 9e5e00-9e5e0e Sleep 1215->1225 1216->1196 1217->1218 1226 9e5e98 1218->1226 1227 9e5ec0-9e5efc InternetConnectW 1219->1227 1220->1227 1221->1226 1229 9e5e6d-9e5e70 1222->1229 1230 9e5e72 1222->1230 1223->1196 1224->1216 1224->1225 1225->1206 1225->1216 1226->1219 1227->1189 1228 9e5f02-9e5f09 1227->1228 1231 9e5f0b-9e5f20 InternetSetOptionW 1228->1231 1232 9e5f40-9e5f69 call 9ba676 call 9ccdf8 1228->1232 1233 9e5e77 1229->1233 1230->1233 1231->1189 1234 9e5f26-9e5f3a InternetSetOptionW 1231->1234 1239 9e5f6f-9e5f72 1232->1239 1240 9e607d-9e609e FtpOpenFileW 1232->1240 1233->1221 1234->1189 1234->1232 1242 9e6058-9e605f 1239->1242 1243 9e5f78-9e5f7b 1239->1243 1241 9e60a4-9e60a8 1240->1241 1241->1189 1245 9e60ae-9e60b6 1241->1245 1242->1189 1244 9e6065-9e607b GopherOpenFileW 1242->1244 1243->1189 1246 9e5f81-9e5fc2 HttpOpenRequestW 1243->1246 1244->1241 1247 9e60bf-9e60c6 1245->1247 1248 9e60b8-9e60ba 1245->1248 1246->1189 1249 9e5fc8-9e5fd0 1246->1249 1251 9e60c8-9e60d2 1247->1251 1252 9e60d7-9e60de 1247->1252 1250 9e61f7 1248->1250 1253 9e5fe9-9e5ff1 1249->1253 1254 9e5fd2-9e5fe3 HttpAddRequestHeadersW 1249->1254 1255 9e61fd-9e61fe InternetCloseHandle 1250->1255 1251->1255 1256 9e6196-9e619d 1252->1256 1257 9e60e4-9e6103 call 9cd399 1252->1257 1258 9e6044-9e6051 HttpSendRequestW 1253->1258 1259 9e5ff3-9e6010 1253->1259 1254->1253 1254->1255 1255->1189 1264 9e619f-9e61c2 HttpQueryInfoW 1256->1264 1265 9e61dc-9e61f4 call 9cd585 1256->1265 1257->1255 1270 9e6109-9e6110 1257->1270 1258->1245 1263 9e6053 1258->1263 1261 9e6016 1259->1261 1262 9e6012-9e6014 1259->1262 1267 9e601c-9e6037 HttpSendRequestExW 1261->1267 1262->1267 1263->1255 1264->1255 1269 9e61c4-9e61ce 1264->1269 1265->1250 1267->1245 1272 9e6039-9e6042 InternetCloseHandle 1267->1272 1269->1265 1273 9e61d0-9e61da 1269->1273 1270->1255 1274 9e6116-9e6143 HttpEndRequestW HttpQueryInfoW 1270->1274 1272->1241 1273->1255 1273->1265 1274->1255 1275 9e6149-9e6154 1274->1275 1276 9e6156-9e615b 1275->1276 1277 9e6177-9e617c 1275->1277 1276->1277 1278 9e615d-9e6162 1276->1278 1277->1255 1279 9e617e-9e6194 call 9cd585 1277->1279 1278->1255 1280 9e6168-9e6172 1278->1280 1279->1255 1280->1255
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(00000000,00000000,00000000,00000000), ref: 009E5C41
                                                                                                                                                                                                                                                                                                                                                                                  • InternetOpenW.WININET(00000003,?,00000000,00000000), ref: 009E5C89
                                                                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionW.WININET(00000000,00000002,?,00000004), ref: 009E5CC3
                                                                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionW.WININET(00000000,00000006,?,00000004), ref: 009E5CDD
                                                                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionW.WININET(00000000,00000005,?,00000004), ref: 009E5CF7
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCanonicalizeUrlW.WININET(00000000,00000000,?,02000000), ref: 009E5D58
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesExW.KERNEL32(00000000,00000000,?,?,?,?,?,?,00000000,00000000), ref: 009E5D75
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 009E5DAF
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E5DB7
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009E5DD0
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 009E5DE4
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E5DEC
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009E5E05
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCrackUrlW.WININET(?,00000000,00000000,?), ref: 009E5E27
                                                                                                                                                                                                                                                                                                                                                                                  • InternetConnectW.WININET(00000000,?,00000000,?,?,00000001,00000000,00000000), ref: 009E5EEC
                                                                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionW.WININET(00000000,0000002B,00A71358,00000000), ref: 009E5F18
                                                                                                                                                                                                                                                                                                                                                                                  • InternetSetOptionW.WININET(00000000,0000002C,00A71358,00000000), ref: 009E5F32
                                                                                                                                                                                                                                                                                                                                                                                  • HttpOpenRequestW.WININET(00000000,POST,?,00000000,00000000,00000000,8448F300,00000000), ref: 009E5FB8
                                                                                                                                                                                                                                                                                                                                                                                  • HttpAddRequestHeadersW.WININET(00000000,?,000000FF,10000000), ref: 009E5FDB
                                                                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestExW.WININET(00000000,00000028,00000000,00000000,00000000), ref: 009E602F
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 009E603A
                                                                                                                                                                                                                                                                                                                                                                                  • HttpSendRequestW.WININET(00000000,00000000,00000000,00000000,00000000), ref: 009E6049
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 009E61FE
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(?), ref: 009E621B
                                                                                                                                                                                                                                                                                                                                                                                  • InternetCloseHandle.WININET(00000000), ref: 009E6222
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Internet$Option$CloseHandleHttpRequest$FileOpen$DeleteErrorLastSendSleep$AttributesCanonicalizeConnectCrackHeaders
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: $%s:%hu$($<$Downloading: %s$GET$POST$PerformRemoteOp$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 119301591-2450224107
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b6fb140e169253400041689ecf78e54b9b6ef967097badd2fc7670720f1d7e9d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 018655eda4ab845af2ebee9af3495ca1552d25fbc0bd02928506ff76cb6cfb42
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b6fb140e169253400041689ecf78e54b9b6ef967097badd2fc7670720f1d7e9d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5B328171901669AFDB27CF66DC48BAAB7BCEB54344F0041E9E509E6290D7B09F80CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B8A6B Relevance: 58.2, APIs: 20, Strings: 13, Instructions: 493registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1283 9b8a6b-9b8aa4 call a06a31 call 9baaed 1288 9b8ad1-9b8b21 call 9ba676 * 2 call 9d17a8 RegOpenKeyExW 1283->1288 1289 9b8aa6-9b8ac5 call 9ba676 1283->1289 1299 9b8b23-9b8b60 RegQueryValueExW 1288->1299 1300 9b8b72 1288->1300 1289->1288 1294 9b8ac7 1289->1294 1294->1288 1301 9b8b62-9b8b70 call 9ba676 1299->1301 1302 9b8b77-9b8b80 1299->1302 1300->1302 1301->1302 1304 9b8b86-9b8b99 call 9b8980 1302->1304 1305 9b8c44-9b8c4d 1302->1305 1313 9b8b9b 1304->1313 1314 9b8b9d-9b8bc0 call 9ba676 call 9babc9 call 9cfeac 1304->1314 1308 9b8c53-9b8c77 call 9b9476 call 9b95d2 1305->1308 1309 9b91c4-9b91c9 call 9ce1d8 1305->1309 1324 9b8c79-9b8c7c call 9b94f4 1308->1324 1325 9b8c81-9b8cc6 call 9b951e RegQueryValueExW 1308->1325 1315 9b91ce 1309->1315 1313->1314 1340 9b8bcb-9b8bd2 1314->1340 1341 9b8bc2-9b8bc9 call 9ba366 1314->1341 1318 9b91cf-9b91d6 1315->1318 1322 9b91d8-9b91df RpcStringFreeW 1318->1322 1323 9b91e5-9b91ec 1318->1323 1322->1323 1326 9b91fa-9b9217 call 9baacb call a06983 1323->1326 1327 9b91ee-9b91f4 RegCloseKey 1323->1327 1324->1325 1338 9b8cc8-9b8ceb RegQueryValueExW 1325->1338 1339 9b8ced-9b8d12 call 9ba676 UuidFromStringW 1325->1339 1327->1326 1338->1339 1343 9b8d37-9b8d4b UuidIsNil 1338->1343 1354 9b8d26-9b8d32 call 9b951e 1339->1354 1355 9b8d14-9b8d24 1339->1355 1340->1305 1346 9b8bd4-9b8c05 RegCreateKeyExW 1340->1346 1341->1305 1348 9b8dbb-9b8dd6 call 9e63e0 1343->1348 1349 9b8d4d-9b8d60 UuidCreate 1343->1349 1352 9b8c1e-9b8c3e RegSetValueExW 1346->1352 1353 9b8c07-9b8c19 GetLastError call 9ce1d8 1346->1353 1363 9b8dd8-9b8de1 1348->1363 1356 9b8d69-9b8d83 UuidToStringW 1349->1356 1357 9b8d62-9b8d67 1349->1357 1352->1305 1353->1315 1354->1343 1355->1343 1356->1348 1358 9b8d85-9b8db5 call 9ba676 RegSetValueExW 1356->1358 1357->1348 1357->1356 1358->1348 1366 9b8e0d-9b8e32 call 9ba676 UuidToStringW 1363->1366 1367 9b8de3-9b8e0b call 9ba338 1363->1367 1372 9b8e51-9b8e99 RegQueryValueExW 1366->1372 1373 9b8e34-9b8e4b call 9ba676 RpcStringFreeW 1366->1373 1367->1363 1377 9b8e9b-9b8ea1 1372->1377 1378 9b8ea6-9b8ece call 9b9379 call 9d2632 1372->1378 1373->1372 1379 9b8f79-9b8f7e 1377->1379 1386 9b8ed3-9b8ed5 1378->1386 1382 9b8f83-9b8fb2 RegQueryValueExW 1379->1382 1384 9b8fc4-9b8fec 1382->1384 1385 9b8fb4-9b8fbf 1382->1385 1387 9b8fee-9b9026 RegQueryValueExW 1384->1387 1385->1384 1388 9b8f11 1386->1388 1389 9b8ed7-9b8f0f call 9b9379 call 9d2632 1386->1389 1390 9b9028-9b9054 call 9b956c call 9b93ea 1387->1390 1391 9b9091-9b9095 1387->1391 1395 9b8f18-9b8f26 1388->1395 1389->1388 1389->1395 1414 9b9080-9b908c call 9baacb 1390->1414 1415 9b9056 1390->1415 1391->1387 1392 9b909b-9b90a4 1391->1392 1398 9b90ad-9b91c2 call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb 1392->1398 1399 9b90a6 1392->1399 1396 9b8f48-9b8f4d 1395->1396 1397 9b8f28-9b8f42 call 9baacb 1395->1397 1404 9b8f69-9b8f70 1396->1404 1405 9b8f4f-9b8f64 call 9baacb 1396->1405 1397->1396 1398->1318 1399->1398 1404->1382 1411 9b8f72 1404->1411 1405->1404 1411->1379 1414->1391 1417 9b9218-9b9222 call 9ba70e 1415->1417 1418 9b905c-9b9060 1415->1418 1418->1414 1421 9b9062-9b907a 1418->1421 1421->1414
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_catch_GS.LIBCMT ref: 009B8A75
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?,UpdateVersion,SetupVersion,0000025C,009CC1C0), ref: 009B8B13
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,00A59354,00000000,00000000,?,00000208), ref: 009B8B53
                                                                                                                                                                                                                                                                                                                                                                                  • RegCreateKeyExW.ADVAPI32(00000000,00000000,00000000,00000100,00000000,00000000,00000000), ref: 009B8BF7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009B8C07
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,00A59354,00000000,00000001,00CE93B0,?), ref: 009B8C3E
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,00A58F20,00000000,00000000,?,00000208), ref: 009B8CBE
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,GUID,00000000,00000000,?,00000208), ref: 009B8CE3
                                                                                                                                                                                                                                                                                                                                                                                  • UuidFromStringW.RPCRT4(?,00A72590), ref: 009B8D0A
                                                                                                                                                                                                                                                                                                                                                                                  • UuidIsNil.RPCRT4(00A72590,?), ref: 009B8D43
                                                                                                                                                                                                                                                                                                                                                                                  • UuidCreate.RPCRT4(00A72590), ref: 009B8D52
                                                                                                                                                                                                                                                                                                                                                                                  • UuidToStringW.RPCRT4(00A72590,?), ref: 009B8D75
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,00A58F20,00000000,00000001,00CDA818,?,?), ref: 009B8DB5
                                                                                                                                                                                                                                                                                                                                                                                  • UuidToStringW.RPCRT4(00A725A4,?), ref: 009B8E2A
                                                                                                                                                                                                                                                                                                                                                                                  • RpcStringFreeW.RPCRT4(?), ref: 009B8E4B
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,SetupVersion,00000000,00000000,?,00000004), ref: 009B8E91
                                                                                                                                                                                                                                                                                                                                                                                  • RpcStringFreeW.RPCRT4(00000000), ref: 009B91DF
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.KERNELBASE(00000000), ref: 009B91F4
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$StringUuid$Query$CreateFree$CloseErrorFromH_prolog3_catch_LastOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %02X$CCleaner.exe$CCleaner64.exe$Cannot create CCleaner registry key, gle=%u$GUID$KillProcesses$RestartService$SOFTWARE\Piriform\CCleaner$SetupVersion$StartService$StopService$Unable to locate CCleaner program path$UpdateVersion
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1940052496-1972205597
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0b230bca58f0e0308472555af76477d80472fffcf0976a426efc437fd419d7ec
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 33f34622f3b1730e536bd3867d153734c66f03f0d594ef7846c92faf184ff017
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0b230bca58f0e0308472555af76477d80472fffcf0976a426efc437fd419d7ec
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23129270901218AFDB24DB94DE99BEEB7B9FF48310F1080D9E509A72A1DB349E85CF11
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D4C5E Relevance: 53.3, APIs: 23, Strings: 7, Instructions: 789timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1452 9d4c5e-9d4d4c call a2c0b1 call 9ce6cc * 2 call 9d4330 VariantInit call 9d640b 1463 9d5685-9d568d 1452->1463 1464 9d4d52-9d4d54 1452->1464 1466 9d569c-9d56a4 1463->1466 1467 9d568f-9d5695 1463->1467 1464->1463 1465 9d4d5a-9d4d6f call 9d44d2 1464->1465 1465->1463 1478 9d4d75-9d4d8c 1465->1478 1469 9d56a6-9d56ac 1466->1469 1470 9d56b3-9d56bb 1466->1470 1467->1466 1469->1470 1471 9d56bd-9d56c3 1470->1471 1472 9d56ca-9d56d2 1470->1472 1471->1472 1476 9d56d4-9d56da 1472->1476 1477 9d56e1-9d56e9 1472->1477 1476->1477 1480 9d56f8-9d5700 1477->1480 1481 9d56eb-9d56f1 1477->1481 1478->1463 1488 9d4d92-9d4dad 1478->1488 1484 9d570f-9d5717 1480->1484 1485 9d5702-9d5708 1480->1485 1481->1480 1486 9d5719-9d571f 1484->1486 1487 9d5726-9d572e 1484->1487 1485->1484 1486->1487 1491 9d573d-9d5745 1487->1491 1492 9d5730-9d5736 1487->1492 1488->1463 1498 9d4db3-9d4df5 call 9d8be5 SysFreeString 1488->1498 1494 9d5754-9d575c 1491->1494 1495 9d5747-9d574d 1491->1495 1492->1491 1499 9d575e-9d5764 1494->1499 1500 9d576b-9d5773 1494->1500 1495->1494 1516 9d567f 1498->1516 1517 9d4dfb-9d4e11 GetModuleFileNameW 1498->1517 1499->1500 1501 9d5775-9d577b 1500->1501 1502 9d5782-9d578a 1500->1502 1501->1502 1506 9d578c-9d5792 1502->1506 1507 9d5799-9d57a1 1502->1507 1506->1507 1510 9d57b0-9d57b8 1507->1510 1511 9d57a3-9d57a9 1507->1511 1514 9d57ba-9d57bc 1510->1514 1515 9d57c0-9d57c2 1510->1515 1511->1510 1514->1515 1518 9d57ca-9d5809 VariantClear call 9ce740 * 2 call a2c08f 1515->1518 1519 9d57c4-9d57c6 1515->1519 1516->1463 1517->1516 1521 9d4e17-9d4e32 1517->1521 1519->1518 1521->1516 1526 9d4e38-9d4e51 1521->1526 1526->1516 1531 9d4e57-9d4e70 1526->1531 1531->1516 1533 9d4e76-9d4e8c 1531->1533 1533->1516 1535 9d4e92-9d4ea8 1533->1535 1535->1516 1537 9d4eae-9d4ec4 1535->1537 1537->1516 1539 9d4eca-9d4ee5 1537->1539 1539->1516 1541 9d4eeb-9d4f08 1539->1541 1541->1516 1543 9d4f0e-9d4f2d 1541->1543 1543->1516 1545 9d4f33-9d4f9c GetSystemTime call 9ba338 SystemTimeToFileTime 1543->1545 1545->1516 1548 9d4fa2-9d4fe8 FileTimeToSystemTime 1545->1548 1548->1516 1549 9d4fee-9d507e call 9ba338 call 9d8be5 SysFreeString 1548->1549 1549->1516 1555 9d5084-9d509a 1549->1555 1555->1516 1557 9d50a0-9d50bb 1555->1557 1557->1516 1559 9d50c1-9d5103 call 9d8be5 SysFreeString 1557->1559 1559->1516 1563 9d5109-9d5175 call 9baaed call 9bbead call 9d8be5 SysFreeString 1559->1563 1571 9d517c-9d51a5 1563->1571 1572 9d5177 1563->1572 1576 9d52c8-9d52d6 1571->1576 1577 9d51ab-9d51b9 1571->1577 1573 9d566d-9d567a call 9baacb 1572->1573 1573->1516 1582 9d52dd-9d52fc 1576->1582 1583 9d52d8 1576->1583 1580 9d51bb 1577->1580 1581 9d51c0-9d51df 1577->1581 1580->1573 1588 9d51e6-9d5229 call 9d8be5 SysFreeString 1581->1588 1589 9d51e1 1581->1589 1586 9d52fe 1582->1586 1587 9d5303-9d5347 call 9d8be5 SysFreeString 1582->1587 1583->1573 1586->1573 1596 9d534e-9d5390 call 9d8be5 SysFreeString 1587->1596 1597 9d5349 1587->1597 1598 9d522b 1588->1598 1599 9d5230-9d5274 call 9d8be5 SysFreeString 1588->1599 1589->1573 1608 9d5397-9d53b2 1596->1608 1609 9d5392 1596->1609 1597->1573 1598->1573 1606 9d527b-9d52bd call 9d8be5 SysFreeString 1599->1606 1607 9d5276 1599->1607 1606->1608 1617 9d52c3 1606->1617 1607->1573 1613 9d53b9-9d53d6 1608->1613 1614 9d53b4 1608->1614 1609->1573 1618 9d53dd-9d53fc 1613->1618 1619 9d53d8 1613->1619 1614->1573 1617->1573 1621 9d53fe 1618->1621 1622 9d5403-9d5447 call 9d8be5 SysFreeString 1618->1622 1619->1573 1621->1573 1626 9d544e-9d5465 1622->1626 1627 9d5449 1622->1627 1628 9d546b-9d5560 call 9d8b5a * 2 call 9d8be5 SysFreeString VariantClear * 2 1626->1628 1629 9d5565-9d561c call 9d8b5a * 2 call 9d8be5 1626->1629 1627->1573 1644 9d565b-9d5662 1628->1644 1642 9d5623-9d5655 SysFreeString VariantClear * 2 1629->1642 1642->1644 1645 9d5664 1644->1645 1646 9d5666 1644->1646 1645->1573 1646->1573
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS_align.LIBCMT ref: 009D4C6A
                                                                                                                                                                                                                                                                                                                                                                                  • VariantInit.OLEAUT32(?), ref: 009D4D2D
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D57DB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: __EH_prolog3.LIBCMT ref: 009D44D9
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: SysFreeString.OLEAUT32(?), ref: 009D451B
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D4DE8
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,?,00000104), ref: 009D4E09
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(?), ref: 009D4F3A
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(?,?), ref: 009D4F94
                                                                                                                                                                                                                                                                                                                                                                                  • FileTimeToSystemTime.KERNEL32(?,?), ref: 009D4FE0
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8BE5: SysAllocString.OLEAUT32(00000000), ref: 009D8BFE
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8BE5: VariantClear.OLEAUT32 ref: 009D8C38
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D5075
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D50FA
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D516C
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: String$FreeTime$FileSystemVariant$Clear$AllocH_prolog3H_prolog3_InitModuleNameS_align
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: $%04hu-%02hu-%02huT%02hu:%02hu:%02huZ$PT%uH$PT24H$PT2M$RegisterJob_2$System
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3104912089-2418371110
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b76b40a5ee618b3ee297c4058e5953ba87eaccb129e82f539bcd2a9e2a359f9b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a8a2b4324c401cb6748206f96f5695556f52078a41c383cb84e7ca48c927c629
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b76b40a5ee618b3ee297c4058e5953ba87eaccb129e82f539bcd2a9e2a359f9b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 26721670910629EFDB26DF64CC84BADB7B9AF09305F0580D9E409AB261DB75AF84CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D915C Relevance: 51.1, APIs: 14, Strings: 15, Instructions: 326sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 1647 9d915c-9d91b3 call a069c5 call 9ce6cc call 9baaed 1654 9d91b9-9d922f call 9baaed * 2 call 9ceeb3 call 9b951e call 9baacb 1647->1654 1655 9d9671-9d969f call 9baacb call 9ce740 call a06974 1647->1655 1672 9d9231-9d923b 1654->1672 1673 9d9240-9d925c call 9cce33 1654->1673 1674 9d94f1-9d94f8 1672->1674 1673->1674 1679 9d9262-9d9285 call 9bc04f 1673->1679 1677 9d94fa-9d9500 CloseHandle 1674->1677 1678 9d9506-9d950d 1674->1678 1677->1678 1680 9d950f-9d9515 CloseHandle 1678->1680 1681 9d951b-9d9525 1678->1681 1693 9d9287-9d9292 1679->1693 1694 9d92b0-9d92c5 call 9d1f7f 1679->1694 1680->1681 1682 9d9527-9d9529 1681->1682 1683 9d9562-9d9569 1681->1683 1685 9d952a-9d9540 DeleteFileW GetLastError 1682->1685 1686 9d964d-9d965a call 9baacb 1683->1686 1687 9d956f-9d9576 call 9d295b 1683->1687 1689 9d955c 1685->1689 1690 9d9542-9d9545 1685->1690 1697 9d965f-9d966c call 9baacb 1686->1697 1702 9d957c-9d9583 1687->1702 1703 9d9613-9d9622 1687->1703 1689->1683 1695 9d954c-9d955a Sleep 1690->1695 1696 9d9547-9d954a 1690->1696 1693->1674 1699 9d9298-9d92ab CloseHandle 1693->1699 1708 9d92df-9d92ff call a07e10 1694->1708 1709 9d92c7-9d92dd call 9ce1d8 1694->1709 1695->1685 1695->1689 1696->1689 1696->1695 1697->1655 1699->1674 1702->1686 1705 9d9589-9d9593 1702->1705 1706 9d962f-9d964b call 9baacb 1703->1706 1707 9d9624-9d962a call 9ba676 1703->1707 1705->1686 1712 9d9599-9d95a3 1705->1712 1706->1697 1707->1706 1719 9d9399-9d93b3 call 9b951e 1708->1719 1720 9d9305-9d9327 GetModuleFileNameW 1708->1720 1709->1693 1712->1686 1718 9d95a9-9d95d4 call 9baacb * 2 1712->1718 1735 9d95ef-9d95f7 1718->1735 1736 9d95d6-9d95d9 1718->1736 1731 9d93fb-9d9436 call 9ce1d8 CreateProcessW 1719->1731 1732 9d93b5-9d93cc call 9bbead 1719->1732 1724 9d9329-9d9335 GetLastError 1720->1724 1725 9d933a-9d9358 1720->1725 1724->1693 1728 9d935a-9d936f call 9bbead 1725->1728 1729 9d9371-9d9382 call 9bbead 1725->1729 1745 9d9385-9d9397 call 9ba676 1728->1745 1729->1745 1751 9d9438-9d943e GetLastError 1731->1751 1752 9d9444-9d944f 1731->1752 1747 9d93cf-9d93df 1732->1747 1743 9d95f9-9d9603 1735->1743 1744 9d9605-9d960b 1735->1744 1741 9d95e5-9d95e9 1736->1741 1748 9d95db-9d95de 1741->1748 1749 9d95eb-9d95ed 1741->1749 1743->1743 1743->1744 1744->1654 1750 9d9611 1744->1750 1745->1747 1747->1731 1755 9d93e1-9d93f5 call 9ba3ce 1747->1755 1748->1749 1754 9d95e0-9d95e2 1748->1754 1749->1744 1750->1655 1751->1752 1756 9d9464-9d9466 1752->1756 1757 9d9451-9d945d CloseHandle 1752->1757 1754->1741 1755->1731 1759 9d9468-9d946f call 9bd778 1756->1759 1760 9d9474-9d947b 1756->1760 1757->1756 1759->1760 1760->1674 1763 9d947d-9d94be WaitForSingleObject GetExitCodeProcess call 9ce1d8 1760->1763 1763->1674 1767 9d94c0-9d94ea call 9d0834 1763->1767 1767->1674 1770 9d94ec call 9d908c 1767->1770 1770->1674
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D9166
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: __EH_prolog3_GS.LIBCMT ref: 009CEEBA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidCreate.RPCRT4(?), ref: 009CEF14
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidToStringW.RPCRT4(?,00000000), ref: 009CEF2D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: GetTickCount.KERNEL32 ref: 009CEF4A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: RpcStringFreeW.RPCRT4(00000000), ref: 009CEFA3
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 009D929E
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 009D9500
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009D9515
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 009D9530
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009D9538
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009D9551
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseHandle$H_prolog3_StringUuid$CountCreateDeleteErrorFileFreeLastSleepTick
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s %s$%s %s %s "%s"$%s %s %s %s "%s"$.dll$.exe$/applydll$/emupdater$ApplyPatches$D$Going to execute Patch Id:%u from file %s$Patch Id:%u done, exitcode:%u$Patch Id:%u file:%s has broken signature$Patches$R$dummy
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 760664235-3202974421
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5b736b29d1390b057ee94e4efaacf99c9da822bf2e2ededc1d90bb0310f81e97
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 64e71e62e39f5623285c19e3eef2b88d89a320706273c544d2f5858b299734d1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5b736b29d1390b057ee94e4efaacf99c9da822bf2e2ededc1d90bb0310f81e97
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8EE1B070801219AFDF21EBA4DD8DBEDB7B8AF58314F1481D9E409632A2DB749E85CF11
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CCE33 Relevance: 30.1, APIs: 14, Strings: 3, Instructions: 313sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2037 9cce33-9ccedc call a069c5 call 9ce6cc call a07e10 * 4 call 9baaed * 2 2054 9ccede-9ccee3 2037->2054 2055 9ccef2 2037->2055 2054->2055 2057 9ccee5-9ccee7 2054->2057 2056 9ccefc-9ccf3d call 9baacb * 2 call 9ce740 call a06974 2055->2056 2057->2055 2059 9ccee9-9cceec 2057->2059 2059->2055 2061 9ccf7f-9ccf88 call 9cd290 2059->2061 2066 9ccf3e-9ccf41 2061->2066 2067 9ccf8a 2061->2067 2070 9ccf8f-9ccff6 call a1d10e call a1d2f5 call 9cfca5 2066->2070 2071 9ccf43-9ccf79 call 9b9379 call 9b951e call 9baacb 2066->2071 2067->2056 2086 9cd00d 2070->2086 2087 9ccff8-9ccffd 2070->2087 2071->2061 2089 9cd00f-9cd01a 2086->2089 2087->2056 2088 9cd003-9cd00b 2087->2088 2088->2089 2090 9cd01c-9cd026 GetFileAttributesW 2089->2090 2091 9cd093-9cd0ac call 9e5a0c 2089->2091 2092 9cd028-9cd034 GetLastError 2090->2092 2093 9cd039-9cd03b 2090->2093 2099 9cd0ae-9cd0b5 2091->2099 2100 9cd0d2-9cd0d5 2091->2100 2092->2056 2095 9cd04c-9cd04e 2093->2095 2096 9cd03d-9cd047 2093->2096 2098 9cd04f-9cd064 CopyFileW GetLastError 2095->2098 2096->2056 2101 9cd289 2098->2101 2103 9cd06a-9cd06d 2098->2103 2099->2100 2104 9cd0b7-9cd0cc call 9bd445 2099->2104 2100->2101 2102 9cd0db-9cd0f9 call 9bc04f 2100->2102 2112 9cd0fb-9cd108 2102->2112 2113 9cd126-9cd12b call 9d1f7f 2102->2113 2106 9cd06f-9cd072 2103->2106 2107 9cd078-9cd08c Sleep 2103->2107 2104->2056 2104->2100 2106->2056 2106->2107 2107->2098 2111 9cd08e 2107->2111 2111->2056 2112->2056 2114 9cd10e 2112->2114 2117 9cd130-9cd13f 2113->2117 2116 9cd114-9cd121 CloseHandle 2114->2116 2116->2056 2118 9cd145-9cd148 2117->2118 2119 9cd270-9cd279 2117->2119 2121 9cd15a 2118->2121 2122 9cd14a-9cd154 CloseHandle 2118->2122 2119->2101 2120 9cd27b-9cd282 CloseHandle 2119->2120 2120->2101 2123 9cd164-9cd175 DeleteFileW GetLastError 2121->2123 2122->2121 2124 9cd1b6-9cd246 call 9ba676 call 9c6c10 call 9cde8a call 9b951e call 9baacb * 2 call 9e5a0c 2123->2124 2125 9cd177-9cd17a 2123->2125 2124->2119 2145 9cd248-9cd24f 2124->2145 2126 9cd17c-9cd17f 2125->2126 2127 9cd181-9cd193 Sleep 2125->2127 2126->2127 2129 9cd195-9cd19b GetLastError 2126->2129 2127->2123 2127->2129 2131 9cd1a1-9cd1aa 2129->2131 2131->2056 2133 9cd1b0-9cd1b1 2131->2133 2133->2116 2145->2119 2146 9cd251-9cd26a call 9bd445 2145->2146 2146->2119 2146->2131
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CloseFileHandle$Sleep$AttributesCopyDeleteH_prolog3___wmakepath
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: MakeFileLocal$W$https://
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 930289702-3488284308
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 29dcefea5a582220bc5e22650ecc690666cd86ea9bdfee08c735c854b93b511c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e2451a60c6906e65cbbfeba5cece5042fef96dd3944a18bfd6c11dbe8b770671
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 29dcefea5a582220bc5e22650ecc690666cd86ea9bdfee08c735c854b93b511c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 88C1A171D012189ADB20DB64CD45FEE7BF8BB89320F1485A9E449E31D1EE349F85CB92
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BB709 Relevance: 29.9, APIs: 3, Strings: 14, Instructions: 152COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2149 9bb709-9bb731 call 9d640b call 9d8d82 call 9ce1d8 2156 9bb733-9bb739 call 9d580a 2149->2156 2157 9bb754-9bb758 2149->2157 2165 9bb73e-9bb751 call 9ce1d8 2156->2165 2159 9bb75a-9bb761 2157->2159 2160 9bb7af-9bb7b1 2157->2160 2163 9bb76d-9bb78b call 9ceb66 call 9d8c50 2159->2163 2164 9bb763-9bb766 CloseHandle 2159->2164 2161 9bb8ba-9bb8be 2160->2161 2162 9bb7b7-9bb80d call 9ce1d8 * 4 call 9cfeac 2160->2162 2169 9bbc00 2161->2169 2170 9bb8c4-9bb8c8 2161->2170 2216 9bb85f-9bb861 2162->2216 2217 9bb80f-9bb811 2162->2217 2187 9bb78d-9bb792 call 9d466c 2163->2187 2188 9bb794 call 9d4548 2163->2188 2164->2163 2165->2157 2171 9bbc03-9bbc27 call 9ce6cc 2169->2171 2170->2169 2175 9bb8ce-9bb8d0 2170->2175 2184 9bbc29-9bbc2f 2171->2184 2185 9bbc36-9bbc48 call 9ce740 2171->2185 2175->2169 2179 9bb8d6 call 9cbc3b 2175->2179 2189 9bb8db-9bb8df 2179->2189 2184->2185 2204 9bbc4a-9bbc4b FreeLibrary 2185->2204 2205 9bbc51-9bbc65 call 9ce1d8 2185->2205 2200 9bb799-9bb7ac call 9ce1d8 2187->2200 2188->2200 2189->2169 2190 9bb8e5-9bb8f6 2189->2190 2201 9bb5da-9bb5dd 2190->2201 2202 9bb8fc-9bb90e call 9bc04f 2190->2202 2200->2160 2201->2169 2214 9bb92c-9bb93b call 9d1f7f 2202->2214 2215 9bb910-9bb918 2202->2215 2204->2205 2218 9bbc89-9bbc8d 2205->2218 2219 9bbc67-9bbc6e 2205->2219 2214->2215 2237 9bb93d-9bb94d LoadLibraryW 2214->2237 2215->2169 2222 9bb91e-9bb927 CloseHandle 2215->2222 2224 9bb813-9bb816 2216->2224 2225 9bb863-9bb86d call 9cfeac 2216->2225 2217->2224 2226 9bb826-9bb830 call 9cfeac 2217->2226 2220 9bbc8f CoUninitialize 2218->2220 2221 9bbc95-9bbd05 call 9baacb * 7 call a06960 2218->2221 2219->2218 2227 9bbc70-9bbc77 2219->2227 2220->2221 2222->2169 2232 9bb81b-9bb821 call 9ce1d8 2224->2232 2247 9bb879-9bb883 call 9cfeac 2225->2247 2248 9bb86f-9bb877 2225->2248 2241 9bb83c-9bb849 call 9cfeac 2226->2241 2242 9bb832-9bb83a 2226->2242 2227->2218 2228 9bbc79-9bbc84 call 9bbfdb call a10ee7 2227->2228 2228->2218 2232->2169 2244 9bb94f-9bb95f GetLastError 2237->2244 2245 9bb973-9bb981 GetProcAddress 2237->2245 2263 9bb84b-9bb850 2241->2263 2264 9bb852-9bb85d call 9bf91b 2241->2264 2242->2232 2244->2171 2254 9bb965-9bb96e CloseHandle 2244->2254 2245->2244 2255 9bb983-9bb994 call 9d96a0 2245->2255 2261 9bb88a-9bb89a call 9c0283 2247->2261 2262 9bb885-9bb888 2247->2262 2248->2232 2254->2171 2266 9bb99f-9bb9b4 2255->2266 2267 9bb996-9bb99b CloseHandle 2255->2267 2276 9bb89b-9bb8b9 call 9ce1d8 2261->2276 2262->2263 2263->2232 2264->2276 2279 9bb9be-9bb9c5 2266->2279 2280 9bb9b6 2266->2280 2267->2266 2276->2161 2284 9bb9cb-9bb9cf 2279->2284 2285 9bb9c7-9bb9c9 2279->2285 2283 9bb9b8-9bb9b9 2280->2283 2283->2171 2288 9bb9e1-9bb9e8 call 9da783 2284->2288 2289 9bb9d1-9bb9df call 9e4333 2284->2289 2285->2283 2295 9bb9ed-9bb9f0 2288->2295 2289->2295 2295->2171
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8D82: __EH_prolog3_GS.LIBCMT ref: 009D8D8C
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8D82: GetModuleFileNameW.KERNEL32(00000000,?,00000104,00000214,009BB71B), ref: 009D8DA8
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 009BB764
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseFileFreeH_prolog3_HandleLibraryModuleName
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$Diff file: %s$FreeSchedulerInterface$Going to %s %s file$Job "%s" registered with status:%li$Job "%s" started manually with status:%li$Job "%s" unregistered with status:%li$New file: %s$Old file: %s$Old file: %s missing$_tWinMain final result: %u$apply$create$diff
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 389470263-2609970337
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4e82f9e537767c55e802994cb17c93b398c852c6e65ee2d09bdf25e3f130eda6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 939e64e102ee8bd5b43346ffbe876fecb9dc09e149aca7622b8070e69038485a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4e82f9e537767c55e802994cb17c93b398c852c6e65ee2d09bdf25e3f130eda6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E510530900249EBEF15EBE4CE5ABED7B64AF84315F14445CE8062B1D2DB764D49C722
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CD585 Relevance: 24.7, APIs: 12, Strings: 2, Instructions: 205filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2298 9cd585-9cd5c9 call a06992 call 9ce6cc 2303 9cd7fe 2298->2303 2304 9cd5cf-9cd5d4 2298->2304 2305 9cd805-9cd81b call 9ce740 call a06960 2303->2305 2306 9cd5de-9cd5e3 2304->2306 2307 9cd5d6-9cd5d8 2304->2307 2309 9cd5ed-9cd5f0 2306->2309 2310 9cd5e5-9cd5e7 2306->2310 2307->2303 2307->2306 2309->2303 2311 9cd5f6-9cd5f8 2309->2311 2310->2303 2310->2309 2313 9cd60c-9cd612 2311->2313 2314 9cd5fa-9cd5fc 2311->2314 2317 9cd614-9cd61b 2313->2317 2318 9cd620-9cd622 2313->2318 2314->2313 2316 9cd5fe-9cd606 2314->2316 2316->2303 2316->2313 2317->2305 2320 9cd69f-9cd6a1 2318->2320 2321 9cd624-9cd631 2318->2321 2322 9cd6ac 2320->2322 2323 9cd6a3-9cd6aa 2320->2323 2324 9cd634-9cd659 CreateFileW GetLastError 2321->2324 2325 9cd6af-9cd6c2 call a140c6 2322->2325 2323->2325 2326 9cd68c-9cd68e 2324->2326 2327 9cd65b-9cd65e 2324->2327 2334 9cd6cd-9cd6d1 2325->2334 2335 9cd6c4-9cd6cb 2325->2335 2326->2325 2331 9cd690-9cd69d SetFilePointer 2326->2331 2329 9cd665-9cd67c Sleep 2327->2329 2330 9cd660-9cd663 2327->2330 2329->2324 2333 9cd67e-9cd687 GetLastError 2329->2333 2330->2329 2330->2333 2331->2325 2333->2305 2337 9cd7cc-9cd7e7 2334->2337 2336 9cd725-9cd72b 2335->2336 2336->2305 2338 9cd731-9cd73c CloseHandle 2336->2338 2342 9cd7ed 2337->2342 2343 9cd6d6-9cd6db 2337->2343 2338->2305 2339 9cd742-9cd744 2338->2339 2341 9cd745-9cd758 DeleteFileW GetLastError 2339->2341 2341->2305 2344 9cd75e-9cd761 2341->2344 2345 9cd713-9cd719 GetLastError 2342->2345 2346 9cd71c-9cd71f call a0f917 2343->2346 2347 9cd6dd-9cd6e2 2343->2347 2348 9cd76c-9cd77a Sleep 2344->2348 2349 9cd763-9cd766 2344->2349 2345->2346 2357 9cd724 2346->2357 2350 9cd6e8-9cd6ec 2347->2350 2351 9cd7c3-9cd7ca 2347->2351 2348->2341 2354 9cd77c 2348->2354 2349->2305 2349->2348 2355 9cd781-9cd78c 2350->2355 2356 9cd6f2-9cd705 WriteFile 2350->2356 2351->2337 2353 9cd7f2-9cd7f9 2351->2353 2353->2346 2354->2305 2358 9cd78e-9cd798 2355->2358 2359 9cd79a 2355->2359 2356->2345 2360 9cd707-9cd70d 2356->2360 2357->2336 2361 9cd79d-9cd7b4 call a07890 2358->2361 2359->2361 2360->2345 2360->2351 2364 9cd7b8-9cd7ba 2361->2364 2365 9cd7b6 2361->2365 2364->2346 2366 9cd7c0 2364->2366 2365->2364 2366->2351
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CD58C
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,40000000,00000005,00000000,00000000,00000080,00000000,CopyResourceToFileOrBuffer,?,00000034,009E5514,?,00000000), ref: 009CD644
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD64D
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CD66A
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD67E
                                                                                                                                                                                                                                                                                                                                                                                  • SetFilePointer.KERNEL32(000000FF,00000000,00000000,00000002), ref: 009CD697
                                                                                                                                                                                                                                                                                                                                                                                  • WriteFile.KERNELBASE(000000FF,00000000,00000000,00000000,00000000), ref: 009CD6FD
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD713
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 009CD732
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 009CD748
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD750
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CD771
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFileLast$Sleep$CloseCreateDeleteH_prolog3HandlePointerWrite
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CopyResourceToFileOrBuffer$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 264394591-2625506230
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e848e6c3ddfd64b6efe1204a59b212732e267d0c982bd83dd1338f5a5ecd4176
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: abe150af47f0ab2bfd99c009b7d3bcc287ea384be598f0a747cdb69ab2996493
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e848e6c3ddfd64b6efe1204a59b212732e267d0c982bd83dd1338f5a5ecd4176
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 847159B1E022199BDB20DFA4DD48FAEB778BB48710F24462DE815B7290E7749D41CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CD81C Relevance: 21.3, APIs: 7, Strings: 5, Instructions: 305sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2367 9cd81c-9cd895 call a069c5 call 9ce6cc call 9baaed 2374 9cd89b-9cd8a0 2367->2374 2375 9cdbd1 2367->2375 2374->2375 2376 9cd8a6-9cd8d6 call 9ceeb3 call 9b951e call 9baacb 2374->2376 2377 9cdbd8-9cdbdf 2375->2377 2395 9cd8d8-9cd8df 2376->2395 2396 9cd8e4-9cd8fb call 9cce33 2376->2396 2379 9cdc10-9cdc38 call 9baacb call 9ce740 call a06974 2377->2379 2380 9cdbe1-9cdbf4 DeleteFileW GetLastError 2377->2380 2380->2379 2382 9cdbf6-9cdbf9 2380->2382 2385 9cdbfb-9cdbfe 2382->2385 2386 9cdc00-9cdc0e Sleep 2382->2386 2385->2379 2385->2386 2386->2379 2386->2380 2395->2377 2396->2377 2399 9cd901-9cd918 call 9bc04f 2396->2399 2402 9cd938-9cd949 call 9d1f7f 2399->2402 2403 9cd91a-9cd921 2399->2403 2402->2403 2407 9cd94b-9cd951 2402->2407 2403->2377 2404 9cd927-9cd933 CloseHandle 2403->2404 2404->2377 2408 9cd98c-9cd99b call a140c6 2407->2408 2409 9cd953-9cd982 call 9ce1bd * 2 2407->2409 2415 9cd99d-9cd9a4 2408->2415 2416 9cd9a9-9cd9ab 2408->2416 2409->2408 2415->2403 2417 9cd9ad-9cd9d9 GetPrivateProfileSectionW call 9b956c 2416->2417 2421 9cdb84-9cdb8b 2417->2421 2422 9cd9de-9cda3c call 9baaed * 3 call 9cb0f9 call 9b93ea call 9ccd95 2421->2422 2423 9cdb91-9cdba7 call 9baacb 2421->2423 2443 9cda3e-9cda4d call 9baacb 2422->2443 2444 9cda52-9cdade call 9bbd08 call 9b951e call 9baacb call 9cb0f9 call 9c6c10 call 9b951e call 9baacb call 9b93ea call a1ce08 2422->2444 2423->2417 2428 9cdbad-9cdbb7 2423->2428 2430 9cdbb9-9cdbc2 CloseHandle 2428->2430 2431 9cdbc5-9cdbc6 call a0f917 2428->2431 2430->2431 2435 9cdbcb-9cdbcf 2431->2435 2435->2377 2449 9cdb60-9cdb7f call 9baacb call 9bc0bf call 9ba676 2443->2449 2471 9cdafd-9cdaff 2444->2471 2472 9cdae0-9cdae2 2444->2472 2449->2421 2475 9cdb01-9cdb10 call 9baacb 2471->2475 2476 9cdb12-9cdb5b call 9b951e call 9cdefe call 9b951e call 9baacb 2471->2476 2473 9cdaec-9cdafb call 9baacb 2472->2473 2474 9cdae4-9cdaea 2472->2474 2473->2449 2474->2473 2474->2476 2475->2449 2476->2449
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009CD826
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,0000009C,009BBAFE), ref: 009CD92A
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?,?,?,?,?,?,?,?,?,00000009), ref: 009CDBE4
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,00000009), ref: 009CDBEC
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,?,?,?,?,?,?,?,00000009), ref: 009CDC05
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: __EH_prolog3_GS.LIBCMT ref: 009CEEBA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidCreate.RPCRT4(?), ref: 009CEF14
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidToStringW.RPCRT4(?,00000000), ref: 009CEF2D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: GetTickCount.KERNEL32 ref: 009CEF4A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: RpcStringFreeW.RPCRT4(00000000), ref: 009CEFA3
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_StringUuid$CloseCountCreateDeleteErrorFileFreeHandleLastSleepTick
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u_Dll$.ini$Patches$PrepareRemotePatchDescriptor$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3499461042-2358442898
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e0d4abd075f75c09b9478833444699e5491c3321b43455069657808f621318b9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9ec21bf5af0f53a866bde61929560be26682159014648c2fbb13a4450bcf2377
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e0d4abd075f75c09b9478833444699e5491c3321b43455069657808f621318b9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 53C19B30D01248DEEF21EBA4C945BEDBBB5BF54314F2044ADE446AB2D2EB745A49CF12
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D17A8 Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 199registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2488 9d17a8-9d17e7 RegOpenKeyExW 2489 9d17ed-9d17f2 2488->2489 2490 9d19ae 2488->2490 2491 9d17fc-9d1818 RegQueryValueExW 2489->2491 2492 9d17f4-9d17f7 2489->2492 2493 9d19b1-9d19b3 2490->2493 2494 9d181a-9d181e 2491->2494 2495 9d1890-9d1894 2491->2495 2492->2493 2496 9d19bc-9d19c2 2493->2496 2497 9d19b5-9d19b6 RegCloseKey 2493->2497 2494->2495 2499 9d1820-9d1831 call a140c6 2494->2499 2498 9d1896-9d189f 2495->2498 2497->2496 2500 9d18a5 2498->2500 2501 9d19a3-9d19a5 2498->2501 2507 9d183b-9d1866 call a07e10 RegQueryValueExW 2499->2507 2508 9d1833-9d1836 2499->2508 2503 9d18a8-9d18b0 2500->2503 2501->2490 2505 9d19a7-9d19ad call a0f917 2501->2505 2506 9d18b3-9d18bd 2503->2506 2505->2490 2506->2506 2510 9d18bf-9d18d1 2506->2510 2507->2505 2517 9d186c-9d1871 2507->2517 2508->2490 2513 9d18d4-9d18e5 DeleteFileW GetLastError 2510->2513 2515 9d192c-9d1932 2513->2515 2516 9d18e7-9d18ea 2513->2516 2522 9d1935-9d1958 call a07890 2515->2522 2518 9d18ec-9d18ef 2516->2518 2519 9d18f1-9d1903 Sleep 2516->2519 2520 9d1877-9d187d 2517->2520 2521 9d1873-9d1874 2517->2521 2518->2519 2523 9d1905-9d190e GetLastError 2518->2523 2519->2513 2519->2523 2524 9d187f-9d1889 2520->2524 2525 9d188b-9d188e 2520->2525 2521->2520 2529 9d195b-9d195d 2522->2529 2523->2515 2528 9d1910-9d1913 2523->2528 2524->2524 2524->2525 2525->2498 2528->2515 2530 9d1915-9d1920 2528->2530 2529->2503 2531 9d1963-9d1967 2529->2531 2530->2522 2532 9d1922-9d192a 2530->2532 2531->2501 2533 9d1969-9d196b 2531->2533 2532->2529 2534 9d197d-9d199b RegSetValueExW 2533->2534 2535 9d196d-9d197b RegDeleteValueW 2533->2535 2536 9d19a1 2534->2536 2535->2536 2536->2501
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?), ref: 009D17DD
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,PendingFileDeleteOperations,00000000,?,00000000,?), ref: 009D1814
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 009D19B6
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: PendingFileDeleteOperations
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3677997916-1189029018
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5001ff9af6387c4af9af2fa15fc0d1d8f0b370a32a6c47272e0606f57fc38172
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bc0d1770eacfd031e2d7c5a492a9dd0aaf1e13c8680e86ac75892e8cc8cd195a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5001ff9af6387c4af9af2fa15fc0d1d8f0b370a32a6c47272e0606f57fc38172
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B961AF76E40209BFDF14CFA8EC94AAE7BB9EB44314F14846AE801F7350E630AD458B50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B8E5C Relevance: 19.4, APIs: 5, Strings: 6, Instructions: 177registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2537 9b8e5c-9b8e66 2538 9b8e6c-9b8e99 RegQueryValueExW 2537->2538 2539 9b8e9b-9b8ea1 2538->2539 2540 9b8ea6-9b8eb3 call 9b9379 2538->2540 2541 9b8f79-9b8f7e 2539->2541 2543 9b8eb8-9b8ece call 9d2632 2540->2543 2544 9b8f83-9b8fb2 RegQueryValueExW 2541->2544 2548 9b8ed3-9b8ed5 2543->2548 2546 9b8fc4-9b8fec 2544->2546 2547 9b8fb4-9b8fbf 2544->2547 2549 9b8fee-9b9026 RegQueryValueExW 2546->2549 2547->2546 2550 9b8f11 2548->2550 2551 9b8ed7-9b8f0f call 9b9379 call 9d2632 2548->2551 2552 9b9028-9b9054 call 9b956c call 9b93ea 2549->2552 2553 9b9091-9b9095 2549->2553 2557 9b8f18-9b8f26 2550->2557 2551->2550 2551->2557 2576 9b9080-9b908c call 9baacb 2552->2576 2577 9b9056 2552->2577 2553->2549 2554 9b909b-9b90a4 2553->2554 2560 9b90ad-9b91d6 call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb call 9b956c call 9b944e call 9b9773 call 9baacb 2554->2560 2561 9b90a6 2554->2561 2558 9b8f48-9b8f4d 2557->2558 2559 9b8f28-9b8f42 call 9baacb 2557->2559 2566 9b8f69-9b8f70 2558->2566 2567 9b8f4f-9b8f64 call 9baacb 2558->2567 2559->2558 2615 9b91d8-9b91df RpcStringFreeW 2560->2615 2616 9b91e5-9b91ec 2560->2616 2561->2560 2566->2544 2573 9b8f72 2566->2573 2567->2566 2573->2541 2576->2553 2579 9b9218 2577->2579 2580 9b905c-9b9060 2577->2580 2584 9b921d call 9ba70e 2579->2584 2580->2576 2583 9b9062-9b907a 2580->2583 2583->2576 2587 9b9222 2584->2587 2615->2616 2617 9b91fa-9b9217 call 9baacb call a06983 2616->2617 2618 9b91ee-9b91f4 RegCloseKey 2616->2618 2618->2617
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,SetupVersion,00000000,00000000,?,00000004), ref: 009B8E91
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,UpdateVersion,00000000,00000000,?,00000004), ref: 009B8FAE
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,00A58F7C,00000000,00000000,?,00000208), ref: 009B9022
                                                                                                                                                                                                                                                                                                                                                                                  • RpcStringFreeW.RPCRT4(00000000), ref: 009B91DF
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.KERNELBASE(00000000), ref: 009B91F4
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: QueryValue$CloseFreeString
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: KillProcesses$RestartService$SetupVersion$StartService$StopService$UpdateVersion
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1457735283-2584227901
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 20464f73cb4c96564b33076e16a8e57b0351952f07643f13a22fd2c825ed23dc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1e20ae08ab24e7affaa7b8173edd73e3cde907ee7f36c990fd8129c714752200
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 20464f73cb4c96564b33076e16a8e57b0351952f07643f13a22fd2c825ed23dc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 71816A30A112189FCB24EB54DE98BDDB7B9FB48314F1041D9E109A72A0DB749F89CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D0D7D Relevance: 17.9, APIs: 7, Strings: 3, Instructions: 387registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2623 9d0d7d-9d0dcd call a06992 call 9baaed call 9bbead RegOpenKeyExW 2630 9d11d3-9d11d7 2623->2630 2631 9d0dd3-9d0de7 2623->2631 2634 9d11d9-9d11dc RegCloseKey 2630->2634 2635 9d11e2-9d11e6 2630->2635 2632 9d0ded-9d0e23 call 9baaed call 9ba4d3 2631->2632 2633 9d0fd8-9d0ff2 RegOpenKeyExW 2631->2633 2649 9d0fa6-9d0fba RegEnumValueW call 9bd778 2632->2649 2633->2630 2637 9d0ff8-9d1000 2633->2637 2634->2635 2638 9d11e8-9d11eb RegCloseKey 2635->2638 2639 9d11f1-9d1207 call 9baacb call a06960 2635->2639 2637->2635 2641 9d1006-9d1033 call 9baaed call 9ba4d3 2637->2641 2638->2639 2654 9d11ab-9d11bf RegEnumValueW call 9bd778 2641->2654 2657 9d0e28-9d0e2c 2649->2657 2658 9d0fc0-9d0fd3 call 9baacb 2649->2658 2665 9d1038-9d103c 2654->2665 2666 9d11c5-9d11ce call 9baacb 2654->2666 2659 9d0e2e 2657->2659 2660 9d0e33-9d0e53 call 9d0a8e 2657->2660 2658->2633 2663 9d0f5e-9d0fa5 call 9baacb call 9baaed call 9ba4d3 2659->2663 2676 9d0e59-9d0e79 call 9baaed * 2 2660->2676 2677 9d0f50-9d0f55 2660->2677 2663->2649 2669 9d103e 2665->2669 2670 9d1043-9d1064 call 9d0a8e 2665->2670 2666->2630 2674 9d1164-9d11aa call 9baacb call 9baaed call 9ba4d3 2669->2674 2686 9d106a-9d108b call 9baaed * 2 2670->2686 2687 9d1157-9d1159 2670->2687 2674->2654 2704 9d0e7c-9d0e85 2676->2704 2677->2663 2678 9d0f57-9d0f5d call a0f917 2677->2678 2678->2663 2708 9d108e-9d1097 2686->2708 2689 9d115b-9d1161 call a0f917 2687->2689 2690 9d1162 2687->2690 2689->2690 2690->2674 2704->2704 2706 9d0e87-9d0e8b 2704->2706 2709 9d0f2f-9d0f4d call 9baacb * 2 2706->2709 2710 9d0e91 2706->2710 2708->2708 2711 9d1099 2708->2711 2709->2677 2712 9d0e94-9d0eed call 9d3536 call 9ba4d3 call 9d3536 call 9ba4d3 call 9cbc16 call 9bd778 * 2 2710->2712 2714 9d112c-9d1130 2711->2714 2751 9d0f0f-9d0f14 2712->2751 2752 9d0eef-9d0ef6 2712->2752 2718 9d109e-9d10f7 call 9d3536 call 9ba4d3 call 9d3536 call 9ba4d3 call 9cbc16 call 9bd778 * 2 2714->2718 2719 9d1136-9d1154 call 9baacb * 2 2714->2719 2756 9d1119-9d111e 2718->2756 2757 9d10f9-9d1100 2718->2757 2719->2687 2755 9d0f17-9d0f20 2751->2755 2752->2751 2754 9d0ef8-9d0eff 2752->2754 2754->2751 2758 9d0f01-9d0f0c call 9d0b06 2754->2758 2755->2755 2759 9d0f22-9d0f26 2755->2759 2762 9d1121-9d112a 2756->2762 2757->2756 2760 9d1102-9d1109 2757->2760 2758->2751 2759->2712 2763 9d0f2c 2759->2763 2760->2756 2764 9d110b-9d1116 call 9d0b06 2760->2764 2762->2714 2762->2762 2763->2709 2764->2756
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D0D84
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000002,?,00000000,00020019,?,?,00000104,009CCCA8), ref: 009D0DC5
                                                                                                                                                                                                                                                                                                                                                                                  • RegEnumValueW.ADVAPI32(?,00000000,00000000,00000100,?,00000000,?,00000000,?), ref: 009D0FA7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegOpenKeyExW.KERNELBASE(00000000,00000100,00000000), ref: 009D0ABB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegCloseKey.ADVAPI32(00000000), ref: 009D0AFA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0B06: __EH_prolog3.LIBCMT ref: 009D0B0D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0B06: GetLongPathNameW.KERNEL32(?,00000000,00000104), ref: 009D0C0B
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,Protected,00000000,00020019,?), ref: 009D0FEA
                                                                                                                                                                                                                                                                                                                                                                                  • RegEnumValueW.ADVAPI32(?,00000000,00000000,00000100,?,00000000,?,00000000,?), ref: 009D11AC
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D11DC
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D11EB
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpen$EnumH_prolog3Value$LongNamePath
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: MoveFile | %[^|] | %[^|] $Protected$SYSTEM\Software\%s\Icarus\Pending Operations
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1599080435-4144328247
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b79ea7c75577ce28861fc4edd9606cf0ae2696f1b8f7d0257b3ea70e5c5351e0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5a4ceafe92c96b0691458d85bcdc073a6aa2d489134d90ce4c55202abd28743b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b79ea7c75577ce28861fc4edd9606cf0ae2696f1b8f7d0257b3ea70e5c5351e0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76E17F72D00109AFCF18DBE4DD85AFEB7B9AF94314F14846AE512B3281EB346E45CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1245B Relevance: 17.8, APIs: 9, Strings: 1, Instructions: 273COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2768 a1245b-a1248b call a12191 2771 a124a6-a124b2 call a2344f 2768->2771 2772 a1248d-a12498 call a0ad5a 2768->2772 2777 a124b4-a124c9 call a0ad5a call a0ad6d 2771->2777 2778 a124cb-a12514 call a120fc 2771->2778 2779 a1249a-a124a1 call a0ad6d 2772->2779 2777->2779 2787 a12581-a1258a GetFileType 2778->2787 2788 a12516-a1251f 2778->2788 2789 a12780-a12784 2779->2789 2790 a125d3-a125d6 2787->2790 2791 a1258c-a125bd GetLastError call a0ad13 CloseHandle 2787->2791 2793 a12521-a12525 2788->2793 2794 a12556-a1257c GetLastError call a0ad13 2788->2794 2796 a125d8-a125dd 2790->2796 2797 a125df-a125e5 2790->2797 2791->2779 2805 a125c3-a125ce call a0ad6d 2791->2805 2793->2794 2798 a12527-a12554 call a120fc 2793->2798 2794->2779 2802 a125e9-a12637 call a2339a 2796->2802 2797->2802 2803 a125e7 2797->2803 2798->2787 2798->2794 2811 a12656-a1267e call a11eae 2802->2811 2812 a12639-a12645 call a1230b 2802->2812 2803->2802 2805->2779 2818 a12680-a12681 2811->2818 2819 a12683-a126c4 2811->2819 2812->2811 2817 a12647 2812->2817 2820 a12649-a12651 call a13756 2817->2820 2818->2820 2821 a126e5-a126f3 2819->2821 2822 a126c6-a126ca 2819->2822 2820->2789 2825 a126f9-a126fd 2821->2825 2826 a1277e 2821->2826 2822->2821 2824 a126cc-a126e0 2822->2824 2824->2821 2825->2826 2828 a126ff-a12732 CloseHandle call a120fc 2825->2828 2826->2789 2831 a12734-a12760 GetLastError call a0ad13 call a23562 2828->2831 2832 a12766-a1277a 2828->2832 2831->2832 2832->2826
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A120FC: CreateFileW.KERNELBASE(00000000,00000000,?,00A12504,?,?,00000000,?,00A12504,00000000,0000000C), ref: 00A12119
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00A1256F
                                                                                                                                                                                                                                                                                                                                                                                  • __dosmaperr.LIBCMT ref: 00A12576
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileType.KERNELBASE(00000000), ref: 00A12582
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000000), ref: 00A1258C
                                                                                                                                                                                                                                                                                                                                                                                  • __dosmaperr.LIBCMT ref: 00A12595
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00A125B5
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000), ref: 00A12702
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00A12734
                                                                                                                                                                                                                                                                                                                                                                                  • __dosmaperr.LIBCMT ref: 00A1273B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast__dosmaperr$CloseFileHandle$CreateType
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: H
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4237864984-2852464175
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 602427add240fac159b8d5ed260d5a3e205f502327276eed031b69632fc2bcb5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b7d7f65e2581fb3063fd12ed824b677d5443034e15b1932b7dd2e94fa06489bb
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 602427add240fac159b8d5ed260d5a3e205f502327276eed031b69632fc2bcb5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2AA13632A142189FCF19DFA8EC91BEE3BA1AB06320F144159F815EF2D1D735D9A2CB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E7E90 Relevance: 17.7, APIs: 8, Strings: 2, Instructions: 180fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2837 9e7e90-9e7ecf GetFileSizeEx 2838 9e7ed5-9e7edf 2837->2838 2839 9e7ff2-9e800f GetLastError call 9e8c20 call a07f70 2837->2839 2841 9e7efe-9e7f62 call 9f5220 2838->2841 2842 9e7ee1 2838->2842 2851 9e8014-9e8081 call 9d3f59 call 9d3e49 call a07f70 2839->2851 2849 9e7f64-9e7f66 2841->2849 2850 9e7fd1-9e7fed call 9ce140 call a07f70 2841->2850 2845 9e7ee3-9e7efd call a05c9e 2842->2845 2849->2850 2854 9e7f68 2849->2854 2850->2839 2872 9e808a-9e80a8 2851->2872 2873 9e8083-9e8084 UnmapViewOfFile 2851->2873 2857 9e7f6e-9e7f71 2854->2857 2858 9e7f6a-9e7f6c 2854->2858 2857->2851 2861 9e7f77-9e7f95 call 9e7d70 2857->2861 2858->2850 2858->2857 2867 9e7f9e-9e7faa 2861->2867 2868 9e7f97-9e7f98 UnmapViewOfFile 2861->2868 2870 9e7fac-9e7fad CloseHandle 2867->2870 2871 9e7fb3-9e7fc0 2867->2871 2868->2867 2870->2871 2876 9e7fc9-9e7fcc 2871->2876 2877 9e7fc2-9e7fc3 CloseHandle 2871->2877 2874 9e80aa-9e80ab CloseHandle 2872->2874 2875 9e80b1-9e80c4 2872->2875 2873->2872 2874->2875 2878 9e80cd-9e80e2 2875->2878 2879 9e80c6-9e80c7 CloseHandle 2875->2879 2876->2845 2877->2876 2879->2878
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileSizeEx.KERNEL32(?,?,11C5A2E7,?), ref: 009E7EC7
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000,?,?,11C5A2E7,?), ref: 009E7F98
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNELBASE(00000000,?,?,11C5A2E7,?), ref: 009E7FAD
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(FFFFFFFF,?,?,11C5A2E7,?), ref: 009E7FC3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A07F70: RaiseException.KERNEL32(E06D7363,00000001,00000003,009BA290,?,?,?,?,009BA290,?,00A6C4F0), ref: 00A07FD0
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(Unable to get file size!,?,?,11C5A2E7,?), ref: 009E7FF7
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,11C5A2E7,?,00000000,00A32CC0,000000FF,?,?,00A6C5B4,11C5A2E7,Unable to retrieve pointer of the unmapped view!,?,00A6C5B4,00000000,?,?), ref: 009E8084
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,11C5A2E7,?,00000000,00A32CC0,000000FF,?,?,00A6C5B4,11C5A2E7,Unable to retrieve pointer of the unmapped view!,?,00A6C5B4,00000000,?,?), ref: 009E80AB
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,11C5A2E7,?,00000000,00A32CC0,000000FF,?,?,00A6C5B4,11C5A2E7,Unable to retrieve pointer of the unmapped view!,?,00A6C5B4,00000000,?,?), ref: 009E80C7
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to get file size!, xrefs: 009E7FF2
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to retrieve pointer of the unmapped view!, xrefs: 009E8014
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseHandle$File$UnmapView$ErrorExceptionLastRaiseSize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Unable to get file size!$Unable to retrieve pointer of the unmapped view!
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1543839074-1313134473
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 052788be2931fd71622061cef6c7ac8ff5b43f659d008cf9eee866dcef267dbc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7375c099b72f1a88b2597cd2d28ed3db5ec95ded4ba9122ef6976717226be585
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 052788be2931fd71622061cef6c7ac8ff5b43f659d008cf9eee866dcef267dbc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B619B71D04748ABDB11DFE5CD08BEEBBB8FB49310F104A19F415A3280DB74AA05CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CDC39 Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 137sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2880 9cdc39-9cdc8f call a069c5 call 9ce6cc call 9baaed call a01190 2889 9cdc95-9cdc9a 2880->2889 2890 9cde01 2880->2890 2889->2890 2891 9cdca0-9cdcdb call 9ceeb3 call 9b951e call 9baacb 2889->2891 2892 9cde0b-9cde15 2890->2892 2910 9cdcec-9cdd07 call 9cce33 2891->2910 2911 9cdcdd-9cdce7 2891->2911 2894 9cde4c-9cde89 call a01260 call 9baacb call 9ce740 call a06974 2892->2894 2895 9cde17-9cde19 2892->2895 2897 9cde1a-9cde30 DeleteFileW GetLastError 2895->2897 2897->2894 2900 9cde32-9cde35 2897->2900 2903 9cde3c-9cde4a Sleep 2900->2903 2904 9cde37-9cde3a 2900->2904 2903->2894 2903->2897 2904->2894 2904->2903 2910->2892 2917 9cdd0d-9cdd30 call 9bc04f 2910->2917 2911->2892 2920 9cdd59-9cdd6e call 9d1f7f 2917->2920 2921 9cdd32-9cdd3c 2917->2921 2920->2921 2925 9cdd70-9cdd86 call a021b0 2920->2925 2921->2892 2922 9cdd42-9cdd54 CloseHandle 2921->2922 2922->2892 2927 9cdd8b-9cdd98 call a012f0 2925->2927 2930 9cddce-9cddf0 call 9d9c9d 2927->2930 2931 9cdd9a-9cddc9 call a019d0 call 9ce1d8 2927->2931 2930->2921 2936 9cddf6-9cddfc 2930->2936 2931->2921 2936->2921
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009CDC43
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,000000F4,009BBB8C), ref: 009CDD48
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNELBASE(?), ref: 009CDE20
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CDE28
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CDE41
                                                                                                                                                                                                                                                                                                                                                                                  • std::generic_category.LIBCPMTD ref: 009CDE5C
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: __EH_prolog3_GS.LIBCMT ref: 009CEEBA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidCreate.RPCRT4(?), ref: 009CEF14
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidToStringW.RPCRT4(?,00000000), ref: 009CEF2D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: GetTickCount.KERNEL32 ref: 009CEF4A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: RpcStringFreeW.RPCRT4(00000000), ref: 009CEFA3
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_StringUuid$CloseCountCreateDeleteErrorFileFreeHandleLastSleepTickstd::generic_category
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: .xml$PrepareRemoteUpdateDescriptor$W$XML is not valid: "%hs" error:%u, file offset:%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2567868564-1065631488
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6fb718ddfd44f884454114ec0f9b27ab7ea9cd506ed52538e1194129aede3b3c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bf2110da0fa6accdd548d910cdc81eeb47a2307077f08f6efe58bb9cf1cb0fda
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6fb718ddfd44f884454114ec0f9b27ab7ea9cd506ed52538e1194129aede3b3c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D3515930C012A9DEDB21EBA4CD45BEEBB74AF54310F0485EAE40A7B191DB705E85DF62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E55F1 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 87timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule

                                                                                                                                                                                                                                                                                                                                                                                  Control-flow Graph

                                                                                                                                                                                                                                                                                                                                                                                  • Executed
                                                                                                                                                                                                                                                                                                                                                                                  • Not Executed
                                                                                                                                                                                                                                                                                                                                                                                  control_flow_graph 2939 9e55f1-9e562a call a06992 call 9ce6cc CreateWaitableTimerW 2944 9e562c-9e5635 GetLastError 2939->2944 2945 9e5637-9e565c call a06aa0 SetWaitableTimer 2939->2945 2946 9e5698-9e569f 2944->2946 2953 9e565e-9e5667 GetLastError 2945->2953 2954 9e5685-9e568c call 9e553d 2945->2954 2949 9e56ac-9e56af 2946->2949 2950 9e56a1-9e56ab call 9ce1d8 2946->2950 2951 9e56e8-9e56fe call 9ce740 call a06960 2949->2951 2952 9e56b1-9e56c4 call 9b9ba2 2949->2952 2950->2949 2952->2951 2964 9e56c6-9e56e3 call 9d2712 call 9b951e call 9baacb 2952->2964 2957 9e5691-9e5692 CloseHandle 2953->2957 2965 9e568e 2954->2965 2966 9e5669-9e567b WaitForSingleObject 2954->2966 2957->2946 2964->2951 2965->2957 2966->2957 2969 9e567d-9e5683 2966->2969 2969->2954 2972 9e56ff-9e5706 2969->2972 2972->2957
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E55F8
                                                                                                                                                                                                                                                                                                                                                                                  • CreateWaitableTimerW.KERNEL32(00000000,00000001,00000000), ref: 009E5620
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E562C
                                                                                                                                                                                                                                                                                                                                                                                  • SetWaitableTimer.KERNELBASE(00000000,?,00000000,00000000,00000000,00000000,?,00000000,FFFFD8F0,000000FF), ref: 009E5654
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,FFFFD8F0,000000FF), ref: 009E565E
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,00000000,FFFFD8F0,000000FF), ref: 009E5692
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLastTimerWaitable$CloseCreateH_prolog3Handle
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ERR$Internet connection not available$WaitForInternetConnection
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 757872522-1940837237
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2a1473ef32fe5ca8f2e858208c153c3c8932a81d1a5daa50deaf707934e11f0f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ac5cbaace405f485d5b11ecb63c6636e5ac101d897b08a481b781f238c0c9cf0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a1473ef32fe5ca8f2e858208c153c3c8932a81d1a5daa50deaf707934e11f0f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EC31BC70D0065AAFEB11EBA1CC85AAF7638BF50758F510529F412B2181DBB45E418B61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D908C Relevance: 17.6, APIs: 6, Strings: 4, Instructions: 61registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D9093
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?,UpdateLastAppliedPatch,?,00000030,009D94F1), ref: 009D90D0
                                                                                                                                                                                                                                                                                                                                                                                  • __cftof.LIBCMT ref: 009D90F6
                                                                                                                                                                                                                                                                                                                                                                                  • WritePrivateProfileStringW.KERNEL32(Config,LastAppliedPatchId,?), ref: 009D9116
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.KERNELBASE(?,LastAppliedPatchId,00000000,00000004,00A72538,00000004), ref: 009D9133
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,00000298,009BBB52), ref: 009D913F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseH_prolog3_OpenPrivateProfileStringValueWrite__cftof
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Config$LastAppliedPatchId$Unable to open product registry key gle=%u$UpdateLastAppliedPatch
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3824723578-1593627930
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2b39b9527118560192a68cb17a0a3cc8ddc689aca00902282941aebc2e2aaadd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c214f95cc1b2731784a3c88ad44fb4f18d8ecb8da4cd4974dcd58741c25dcf9f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2b39b9527118560192a68cb17a0a3cc8ddc689aca00902282941aebc2e2aaadd
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 22213371E80218BEEB14EBE4EC4AEDEBB38FB18762F008015F915B22A0E7345545CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F2500 Relevance: 16.8, APIs: 11, Instructions: 282fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemDirectoryW.KERNEL32(00000000,00000104), ref: 009F25E4
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,?,?,00A3333D), ref: 009F25EE
                                                                                                                                                                                                                                                                                                                                                                                  • GetVolumePathNameW.KERNELBASE(00000000,00000010,00000104,00000000,?,?,00A3333D), ref: 009F2665
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,00A3333D), ref: 009F266F
                                                                                                                                                                                                                                                                                                                                                                                  • GetVolumeNameForVolumeMountPointW.KERNELBASE(00000010,00000010,00000104,?,?,?,?,?,00A3333D), ref: 009F26D3
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,00A3333D), ref: 009F26DD
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000010,00000000,00000003,00000000,00000003,00000000,00000000,?,?,?,?,?,?,?,00A3333D), ref: 009F278D
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,00A3333D), ref: 009F279B
                                                                                                                                                                                                                                                                                                                                                                                  • DeviceIoControl.KERNELBASE(00000000,002D1080,00000000,00000000,?,0000000C,00000000,00000000), ref: 009F27BB
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,?,?,?,?,00A3333D), ref: 009F27C5
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,00A3333D), ref: 009F27DD
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$Volume$Name$CloseControlCreateDeviceDirectoryFileH_prolog3HandleHeapMountPathPointProcessSystem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2898350509-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 441199ac9b7cf24928baed4f4641a7211863829dc0f1ab7bc97bfecba9720e3f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3bc2504153525644894ed4f3565a373568f06e399312f54f5dc637bc89a66699
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 441199ac9b7cf24928baed4f4641a7211863829dc0f1ab7bc97bfecba9720e3f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ECB16170A006099FDB10DFA9CD89BBEBBB5FF48714F104529E641E7290EBB4AD41CB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F30D0 Relevance: 16.0, APIs: 7, Strings: 2, Instructions: 227fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BA9D6: GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(?,C0000000,00000003,00000000,00000003,00000000,00000000), ref: 009F317E
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009F318C
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?), ref: 009F334A
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateErrorFileH_prolog3HandleHeapLastProcess
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SCSIDISK$\\.\Scsi%u:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4270043550-3530472383
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9514d2ce071f2be32d63dbdcacaaa5f082324d7ebcac4abd2847cf129cd85dfb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fca780816f8f029d4041a09777ba67be724fd829b217dbdb1fd684832e61a79f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9514d2ce071f2be32d63dbdcacaaa5f082324d7ebcac4abd2847cf129cd85dfb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E491A370900209DFDB11DFA8C985BEEBBF4FF08314F248559E911BB292DB759A44CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BBA0C Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 148COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSchedulerInterface, xrefs: 009BBC0E
                                                                                                                                                                                                                                                                                                                                                                                  • Press any key to exit console..., xrefs: 009BBC79
                                                                                                                                                                                                                                                                                                                                                                                  • _tWinMain final result: %u, xrefs: 009BBC52
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot open offline XML descriptor %s: %li, xrefs: 009BBA43
                                                                                                                                                                                                                                                                                                                                                                                  • file://, xrefs: 009BBA66
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3LibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$Cannot open offline XML descriptor %s: %li$FreeSchedulerInterface$_tWinMain final result: %u$file://
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 808805345-210552803
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b4159705089bfacea03e8e1561fa849c667ebb6d561837a51c3d098726c21330
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 429004a6d24e7213bebdd67ae9e17fa9ba8691ad8270b424fee4b910a22cb420
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b4159705089bfacea03e8e1561fa849c667ebb6d561837a51c3d098726c21330
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AE51E330904249DAEF14EBA8DF5ABED7B79AF80324F14845CE4422B1D2DFB55E8AC711
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D1A92 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 104registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?), ref: 009D1AC6
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(?,EmUpdateVolatile,00000000,00020006,?), ref: 009D1AE8
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegOpenKeyExW.KERNELBASE(00000000,00000100,00000000), ref: 009D0ABB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegCloseKey.ADVAPI32(00000000), ref: 009D0AFA
                                                                                                                                                                                                                                                                                                                                                                                  • RegDeleteValueW.ADVAPI32(?,PendingNotifications), ref: 009D1B7A
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D1B92
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D1B9D
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpen$DeleteValue
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EmUpdateVolatile$PendingNotifications
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3596760766-3320875912
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ba59ece002c9f3588805d457c6a1cd0ee5461dddfe305addb882a70dca222287
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: aa246c24af9a35f9939af6ac0c6b2be9820101f9cdf3da05cc7416a85794ab51
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ba59ece002c9f3588805d457c6a1cd0ee5461dddfe305addb882a70dca222287
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8E31A176D40209BBCB15DFA4DD81EAEBBBAFBC8710F15806AE50563314E7399E05CB50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CEEB3 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 103COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: StringUuid$CountCreateFreeH_prolog3_Tick
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %I64d$MakeTemporaryFileName
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3903824495-1134303861
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5dba18bcdf938ea380e480695680ea3f6d3d830b0b1dd27683b5e0870e2a6741
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1c221f214706e8b2a3cf2b19860a40e31d167ea7e9d40d14cf262e2f2e0a648f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5dba18bcdf938ea380e480695680ea3f6d3d830b0b1dd27683b5e0870e2a6741
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0A315071D00248ABDB14EBE4DD4AFDEBBB8AF44315F00442DF106EB191DB789945CB52
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F5150 Relevance: 12.3, APIs: 5, Strings: 2, Instructions: 90COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileSizeEx.KERNEL32(009F523C,?,?,FFFFFFFF,?,?,?,?,?,?,?,009F523C,?), ref: 009F517A
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNELBASE(009F523C,00000000,00000002,?,?,00000000,?,?,?,?,?,?,?,009F523C,?), ref: 009F519F
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,?,?,?,?,?,009F523C,?,?,?,?,?,?,11C5A2E7), ref: 009F51AF
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(Unable to get file size!,?,?,?,?,?,?,?,009F523C,?,?,?,?,?,?,11C5A2E7), ref: 009F51DE
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(Unable to create file mapping!,?,00A6C5B4,00000000,?,?,?,?,?,?,?,009F523C,?), ref: 009F5200
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to create file mapping!, xrefs: 009F51FB
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to get file size!, xrefs: 009F51D9
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFileLast$CloseCreateHandleMappingSize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Unable to create file mapping!$Unable to get file size!
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1040420615-1879323020
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 977c2a3a99333c8de6d7ca5757ab41d29750b5a1dd413ede808723899f3580c9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8690c1300dd05cb9c00d130d9e76e5761e3f9e84ed02e76479f9c8306f4d9faa
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 977c2a3a99333c8de6d7ca5757ab41d29750b5a1dd413ede808723899f3580c9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AF218671604708ABD724EFA5DD4ABAFBBFCAB48700F104619F641A3291DB70BD0587A1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D2712 Relevance: 10.7, APIs: 3, Strings: 3, Instructions: 194COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D271C
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,?,00000104), ref: 009D298C
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesExW.KERNEL32(?,00000000,?), ref: 009D29A2
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$AttributesH_prolog3H_prolog3_ModuleName
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ERR$country":"$https://ip-info.ff.avast.com/v2/info
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2289533791-1930018806
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f995ac7614dfc50e96d7b2043dc37450fb556a6d954c0fc54a5e253b9c892a82
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6b228a264567538fc314b9310f70f517fe2d8a5a4b6ac5a1f47e34e5d8e14fe9
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f995ac7614dfc50e96d7b2043dc37450fb556a6d954c0fc54a5e253b9c892a82
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8271E07194021C9BCB29DB64CE96BEDB3B8BF64314F1081DAE109A72C1DB749E84CF61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D068A Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 170registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?), ref: 009D06DB
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,?,00000000,?,00000000,?), ref: 009D072D
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,?,00000000,00000007,00000000,?), ref: 009D0778
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.KERNELBASE(?,?,00000000,00000007,00000000,?), ref: 009D0806
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D081C
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to open product registry key gle=%u, xrefs: 009D06E8
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$Query$CloseOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Unable to open product registry key gle=%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 97533537-2589650119
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8f320b84fec313926b4212005010505df26eced532de53e4ccbfd1dfd7441a61
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d562acb017e36627392c8a6e85ee31865ada183fd07bf082826128695f21f6bd
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8f320b84fec313926b4212005010505df26eced532de53e4ccbfd1dfd7441a61
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D7519272D40219AFDB24CBA8DD41BBFB7BCEF84754F14846AE905E7340E630AE409B90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CFCA5 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 170COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CFCAC
                                                                                                                                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNELBASE(?,00000000,?,?,00000010,009CCFEE), ref: 009CFD39
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,00000010,009CCFEE), ref: 009CFD47
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  • CreateDirectoryW.KERNEL32(?,00000000,?,00000000,0000005C,00000001,?,?,00000010,009CCFEE), ref: 009CFE57
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,00000010,009CCFEE), ref: 009CFE61
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateDirectoryErrorH_prolog3Last
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\?\%s
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2207309987-3682370727
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b990c255f99b72daac62435e0a11baf80b3e3d5940acfc2f37e3e58d980002f5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 09d80c1b50ae2cadc87e21295bd759da18b2ea28f57013c011c766aa7e235aaa
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b990c255f99b72daac62435e0a11baf80b3e3d5940acfc2f37e3e58d980002f5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8451AF31D0021A9BDB14EBE8DD95FFEB779AF54324F100668F522A71E2EB705A04C762
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D1208 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 142registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D120F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(80000002,SYSTEM\CurrentControlSet\Control\Session Manager,00000000,00020019,00000000,PendingFileRenameOperations2,PendingFileRenameOperations,00000024,009D1416,00A72544,?,00A7254C,?,00000104,009CCCA8), ref: 009D1255
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D139B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegOpenKeyExW.KERNELBASE(00000000,00000100,00000000), ref: 009D0ABB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegCloseKey.ADVAPI32(00000000), ref: 009D0AFA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • SYSTEM\CurrentControlSet\Control\Session Manager, xrefs: 009D124B
                                                                                                                                                                                                                                                                                                                                                                                  • PendingFileRenameOperations2, xrefs: 009D1230
                                                                                                                                                                                                                                                                                                                                                                                  • PendingFileRenameOperations, xrefs: 009D121D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseH_prolog3Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: PendingFileRenameOperations$PendingFileRenameOperations2$SYSTEM\CurrentControlSet\Control\Session Manager
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1945153390-2115312317
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ba615e2caa819e42d3b2c09efa49a67423a05fa753757ea134da42752e821187
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d2ea979e42959088cc6149ade7d42c823169b8699ab0487c90ce5803873aeb8e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ba615e2caa819e42d3b2c09efa49a67423a05fa753757ea134da42752e821187
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A151AC71D4020AAFDF14DFA4C986BFEB378BF54318F148459EA12A7281EB756A04CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F5300 Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 113fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,11C5A2E7,009F523C,?,00000000,?,?,?,?,?,?,?,00000000,00A3369D,000000FF), ref: 009F5375
                                                                                                                                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNELBASE(?,00000000,00000000,00000000,00000000,11C5A2E7,009F523C,?,00000000), ref: 009F53A2
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(Unable to create mapping view!,?,00A6C5B4,009F523C,Unable to map a view of uninitialized mapping!,11C5A2E7,009F523C,?,00000000), ref: 009F5408
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to map a view of uninitialized mapping!, xrefs: 009F53D5
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to map a view outside of the file mapping!, xrefs: 009F53CC
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to create mapping view!, xrefs: 009F5403
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FileView$ErrorLastUnmap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Unable to create mapping view!$Unable to map a view of uninitialized mapping!$Unable to map a view outside of the file mapping!
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2514763941-1948104343
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 735c12e2c33db19b946723eabcb5792cb614410815565bf625bf2baa6412ce27
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 92f4ba3112a5c9e509e7b70eb992bdacec916a0b98ece8267b8553726a1954b7
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 735c12e2c33db19b946723eabcb5792cb614410815565bf625bf2baa6412ce27
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FB318471904B08ABC714DFA5DC45BAFB7B8FF58700F104A1DF552A3690DB75A904CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BBB58 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSchedulerInterface, xrefs: 009BBC0E
                                                                                                                                                                                                                                                                                                                                                                                  • Press any key to exit console..., xrefs: 009BBC79
                                                                                                                                                                                                                                                                                                                                                                                  • _tWinMain final result: %u, xrefs: 009BBC52
                                                                                                                                                                                                                                                                                                                                                                                  • Error applying patches status:%li, xrefs: 009BBB65
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeLibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$Error applying patches status:%li$FreeSchedulerInterface$_tWinMain final result: %u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2820425437-3248502620
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5846eac88c74edf2f7de71db46a4a0384b08ea8d7bf2f35627b88f46cc83192b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 46e47806d662f599c791ffdd67308aaf875a59fb2639f9709e38313055e82456
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5846eac88c74edf2f7de71db46a4a0384b08ea8d7bf2f35627b88f46cc83192b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1531A630904289DEEF15EBA8CF99BEDBB64AF50329F14445CE0412B1D2DFB55A4AC712
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BBB92 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 91COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BAFE9: __EH_prolog3.LIBCMT ref: 009BAFF0
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSchedulerInterface, xrefs: 009BBC0E
                                                                                                                                                                                                                                                                                                                                                                                  • Press any key to exit console..., xrefs: 009BBC79
                                                                                                                                                                                                                                                                                                                                                                                  • _tWinMain final result: %u, xrefs: 009BBC52
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot download update descriptor status:%li, xrefs: 009BBB93
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3LibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$Cannot download update descriptor status:%li$FreeSchedulerInterface$_tWinMain final result: %u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 808805345-3517245302
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f3497f08258776360d3d96cf3fe20e5b7aadfc27bee4fadc363958d76a874bf5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0e32ab815145e9dc4c6a46d1b40512407f5b7d149472817c16f461d4ceafd6a6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f3497f08258776360d3d96cf3fe20e5b7aadfc27bee4fadc363958d76a874bf5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 67318430904289DEEF15EBA8DF99BECBB74AF50329F14445CE0421B1D2DFB55A8AC712
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BBBCA Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 91COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSchedulerInterface, xrefs: 009BBC0E
                                                                                                                                                                                                                                                                                                                                                                                  • Press any key to exit console..., xrefs: 009BBC79
                                                                                                                                                                                                                                                                                                                                                                                  • _tWinMain final result: %u, xrefs: 009BBC52
                                                                                                                                                                                                                                                                                                                                                                                  • Error applying patches status:%li, xrefs: 009BBBD9
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeLibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$Error applying patches status:%li$FreeSchedulerInterface$_tWinMain final result: %u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2820425437-3248502620
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b8a2345357df1fe4b94f364a506bfd84bc421558e05f7e1445d6dbb65d6acd56
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: bc55a088df3d489d1e9d3fa449059fd6f39fa8901486640a1ce915c940752074
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b8a2345357df1fe4b94f364a506bfd84bc421558e05f7e1445d6dbb65d6acd56
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5031A430904289DEEF15EBA8CB99BECBB74AF50329F14445CE4412B1D1DFB55E4AC712
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BBBB7 Relevance: 10.6, APIs: 2, Strings: 4, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,FreeSchedulerInterface,?), ref: 009BBC4B
                                                                                                                                                                                                                                                                                                                                                                                  • CoUninitialize.COMBASE(?,?,?,FreeSchedulerInterface,?), ref: 009BBC8F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BAFE9: __EH_prolog3.LIBCMT ref: 009BAFF0
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • FreeSchedulerInterface, xrefs: 009BBC0E
                                                                                                                                                                                                                                                                                                                                                                                  • Press any key to exit console..., xrefs: 009BBC79
                                                                                                                                                                                                                                                                                                                                                                                  • _tWinMain final result: %u, xrefs: 009BBC52
                                                                                                                                                                                                                                                                                                                                                                                  • No update available, xrefs: 009BBBB7
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3LibraryUninitialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Press any key to exit console...$FreeSchedulerInterface$No update available$_tWinMain final result: %u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 808805345-1911703095
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c74fbe34b37e483625508b1915304179ccc591f7273263e4fb8d15c9c96cf840
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d5726535327892a8772018df098334d4a239de2f0011a52f5664da1359354caa
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c74fbe34b37e483625508b1915304179ccc591f7273263e4fb8d15c9c96cf840
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 98318530904289DEEF15EBA8CB99BECBB74BF50319F14445CE0421B1D2DBB55A4AC712
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A12F04 Relevance: 9.3, APIs: 6, Instructions: 298COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: aef73679383a5eb981ef8e52d5b48e2841b2881e3563fa5dbb7e35631c8719e8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b97eb4e14e612cfbcd81d8ef971e1edded890676f9b21072d80198db98dfb2cc
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aef73679383a5eb981ef8e52d5b48e2841b2881e3563fa5dbb7e35631c8719e8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0CB1D672A00349AFDF11DF99D980BEDBBB1AF59300F148259F459AB391C7709E82CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D141F Relevance: 8.9, APIs: 3, Strings: 2, Instructions: 157registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D1426
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,?,00A72628,?,00000034,009CCCFA), ref: 009D1475
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D15A8
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegOpenKeyExW.KERNELBASE(00000000,00000100,00000000), ref: 009D0ABB
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D0A8E: RegCloseKey.ADVAPI32(00000000), ref: 009D0AFA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpen$H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u = %I64u $MicroUpdates
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1536373819-560812111
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3ec0a9833fa90c3891b53f48a2042b3283121f1097dc168b7364a5809e7f248e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 15cf17f1f99e1443ae45d488a38fa616c63270aa0ee5f9aa524fe0b9974912e1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3ec0a9833fa90c3891b53f48a2042b3283121f1097dc168b7364a5809e7f248e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 75516C72D00219AFCF15DF94DD81AAEB7B9EB48310F10856AE816A7251E734AE45CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D2632 Relevance: 7.6, APIs: 5, Instructions: 84COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileVersionInfoSizeW.KERNELBASE(?,?), ref: 009D2669
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?), ref: 009D2676
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFileInfoLastSizeVersion
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 752140088-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6cf7b3e0fbf952244770880a3c22bd6e537a7d75a5d945e8a499eb5958411e0a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 10177cc18e3c2bf90f788d68e925caab6ec22a1b5741ed9b4fd54d1d8f278587
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6cf7b3e0fbf952244770880a3c22bd6e537a7d75a5d945e8a499eb5958411e0a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E421B279900316AACB209FE49D409ABBBBCFF68750B14856BF805E7341E734D942DBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E553D Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 63COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Internet connection detected using BITS, xrefs: 009E55CF
                                                                                                                                                                                                                                                                                                                                                                                  • CheckInternetConnection, xrefs: 009E554F
                                                                                                                                                                                                                                                                                                                                                                                  • Internet connection detected using %u, xrefs: 009E5591
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CheckInternetConnection$Internet connection detected using %u$Internet connection detected using BITS
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-807325795
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 03c7332864058399a49c9fb2b1ebbba8dbce0df7260bda13e14ca7a869825aa3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 026d5d9a5e69b829c8488e35c8d82531d2a9aa419f590035f9f46a632acd625e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 03c7332864058399a49c9fb2b1ebbba8dbce0df7260bda13e14ca7a869825aa3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F8110171D00629ABEB25DBA18C42FBF7236FB81B68F564519F4112B181DF740D828B81
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D091A Relevance: 6.2, APIs: 4, Instructions: 158registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,?,00000000,00020019,?), ref: 009D0966
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.KERNELBASE(?,?,00000000,?,00000000,?), ref: 009D098D
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?,?,00000000,?,00000000,?), ref: 009D0A82
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpenQueryValue
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3677997916-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4ec3a55cf60a40076d3cf92d6f051562ad75b204d8a62f4238bd1cf2b715b732
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 994aea0e4fc94d273cea7988580e556c402a17864eb2e54ecee635484cd82482
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4ec3a55cf60a40076d3cf92d6f051562ad75b204d8a62f4238bd1cf2b715b732
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 19519E75E40206AFDB24CFA8C895AAEB7B9FF98350F24C16AE845E7310D730DE408B50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F6C55 Relevance: 6.1, APIs: 4, Instructions: 111COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_release_startup_lock.LIBCMT ref: 009F6CC2
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_is_nonwritable_in_current_image.LIBCMT ref: 009F6CD7
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_is_nonwritable_in_current_image.LIBCMT ref: 009F6D02
                                                                                                                                                                                                                                                                                                                                                                                  • ___scrt_uninitialize_crt.LIBCMT ref: 009F6D59
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ___scrt_is_nonwritable_in_current_image$___scrt_release_startup_lock___scrt_uninitialize_crt
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3089971210-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ea894594916c71ec0a98694cb752381b408dfefce933df9aaac0cecfdaae4120
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a0fdfceb6ab235c3278098a664f54af59e6684d6acfb7991f61472cea412366f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ea894594916c71ec0a98694cb752381b408dfefce933df9aaac0cecfdaae4120
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8B213772E447589BDB20BBB4AE037ED7395EF41310F144035FE856B2D2EB662D118BA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D1F7F Relevance: 6.1, APIs: 4, Instructions: 61fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_catch.LIBCMT ref: 009D1F86
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(?,80000000,00000001,00000000,00000003,00000080,00000000,00000010,009CD130,00000000), ref: 009D1FAF
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,80000000,00000001,00000000,00000003,00000080,00000000,00000010,009CD130,00000000), ref: 009D1FBF
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateErrorFileH_prolog3_catchLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4184293714-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5f1c4e87b71a5cda851b077bc825480adefd5ebc975ba3c4554282caa0da9e94
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 899ff0cf6bb9269ab52cbe056fbc365c1fc6e2ef1d1cb9639a5cf6afeb99ad79
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5f1c4e87b71a5cda851b077bc825480adefd5ebc975ba3c4554282caa0da9e94
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0711AB32688341AADF21ABFCAD953BF6A599F85310F10C56BF551A33C1CB740C06A210
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BC04F Relevance: 6.0, APIs: 4, Instructions: 40sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 009BC079
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009BC081
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009BC09B
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009BC0AC
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CreateFileSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 296867881-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b4c73f3e9a97eae1c48952e3cbef09312f7d0dae16aa827e243309db9aed6aa2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e3ff18d31138fc14b558a813397a7a56f18655ea036395573cdc6bfc021c508b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b4c73f3e9a97eae1c48952e3cbef09312f7d0dae16aa827e243309db9aed6aa2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CAF0A471500300EFDB309FE9DD08B8ABBA8EB86730F20471DF6A1E21E0C6B05981C715
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D0A8E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 46registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.KERNELBASE(00000000,00000100,00000000), ref: 009D0ABB
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D0AFA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Unable to open product registry key gle=%u, xrefs: 009D0AC8
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Unable to open product registry key gle=%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 47109696-2589650119
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d8eee6e7f571d716a2f08707b92a6c33bc3e049b5fd593b39342b96e8e663e48
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f3a749f2d579c13a2d1ba3bb8b2a896ed6efca0fabcdbf0c9d7b286a5394b65f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d8eee6e7f571d716a2f08707b92a6c33bc3e049b5fd593b39342b96e8e663e48
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0B012B32940208FFDF15CB94DD15F9E7B79EB84351F108025F905A2260D6759E00E750
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1F1B8 Relevance: 4.5, APIs: 3, Instructions: 15COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(?,?,00A1F1B2,00000016,00A0AA72,?,?,11C5A2E7,00A0AA72,?), ref: 00A1F1C9
                                                                                                                                                                                                                                                                                                                                                                                  • TerminateProcess.KERNEL32(00000000,?,00A1F1B2,00000016,00A0AA72,?,?,11C5A2E7,00A0AA72,?), ref: 00A1F1D0
                                                                                                                                                                                                                                                                                                                                                                                  • ExitProcess.KERNEL32 ref: 00A1F1E2
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Process$CurrentExitTerminate
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1703294689-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 86d5eb7c46730b45569240e7e3088457b99ef68f72917283c2bdc6c6dee41bfe
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b5a845e2d25f7b861449b37f2be3a729d08e9a771010df8c274dddf4ba042a5a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 86d5eb7c46730b45569240e7e3088457b99ef68f72917283c2bdc6c6dee41bfe
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2DD09E31000544BFCF116FE0ED0D9CD3F29EF48351B404020BD0596131DF71A993DA40
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D0834 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 37COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D083B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A1CA95: GetSystemTimeAsFileTime.KERNEL32(?,00000720,?,?,?,?,009CEE41,00000000,?,RegisterRestartJob_1,?), ref: 00A1CAAA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A1CA95: __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00A1CAC9
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Time$FileH_prolog3SystemUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u=%I64u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1901806466-2258501633
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 15f4475252da30a02715b46cbd60e7244c4d0726f134d3637dc0be021b90bc7b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3f4cbc437396109c814bf415bf4e96bafe7df77559063d82c015f16734983f22
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 15f4475252da30a02715b46cbd60e7244c4d0726f134d3637dc0be021b90bc7b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C7F06871A00219ABCF14ABA88D42AEE7376BFC0374F148A65F425A73D1D6749D118760
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A13EC7 Relevance: 3.1, APIs: 2, Instructions: 52COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetFilePointerEx.KERNELBASE(00000000,00000000,?,00000000,00000002,00000000,00000000,?,?,?,00A140C1,00000000,00000000,?,00000002,00000000), ref: 00A13F03
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(00000000,?,00A140C1,00000000,00000000,?,00000002,00000000,?,00A14A5C,00000000,00000000,00000000,00000002,?,00000000), ref: 00A13F10
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFileLastPointer
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2976181284-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a3c5f6c938c253a9e59ae7661602bbac7773dfe185dc82124a236f1afee43baa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3e777d2a2eb2d5519765e836d156c77ba3bcd926b8ed25e4d145035b59196e8f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a3c5f6c938c253a9e59ae7661602bbac7773dfe185dc82124a236f1afee43baa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0F01D633614215AFCF15CF59DC05DDE3B6AEF85320B254249F8119B2D0E671EE829B90
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A21291 Relevance: 3.0, APIs: 2, Instructions: 22memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(00000000,00000000,?,00A26C62,?,00000000,?,?,00A26C87,?,00000007,?,?,00A26F66,?,?), ref: 00A212A7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,00A26C62,?,00000000,?,?,00A26C87,?,00000007,?,?,00A26F66,?,?), ref: 00A212B2
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFreeHeapLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 485612231-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5ae2f23b2b9eeef3e69773a9503cb21737c78f1634eb148fb8151e9cfedb9104
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 07e11014b223772ab56e18aef0eb2656d8a4abc2a313c9d7af033b120090ee89
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5ae2f23b2b9eeef3e69773a9503cb21737c78f1634eb148fb8151e9cfedb9104
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7CE08C32100318ABCF112FE9BC08BDA3AACAB147A1F124030F608EA4A0CA3498528784
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CFEAC Relevance: 3.0, APIs: 2, Instructions: 18COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CFEB3
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesW.KERNELBASE(?,?,00000024,009C6FC9,?,00A5AC3C,?,?,?,EvaluateFileCondition,?,000000B8,?,?,?), ref: 009CFEC8
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AttributesFileH_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1973727094-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7a2ceefd70bf8d6499699125b97384b87811a1591ae1ac64833bd55446b76806
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: df68c38b25b2502763414f9c36a4b043ab735ef75a2a05c51e362d9a6fa8721b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a2ceefd70bf8d6499699125b97384b87811a1591ae1ac64833bd55446b76806
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FEE08C34820118EBCB19EBA4EE56B8C7370AF11370F900368B171A61E0DB741E098A10
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A11525 Relevance: 1.7, APIs: 1, Instructions: 157COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 532cd03a717a5894fdaf74c27515adf48e87ca961759b57bd442ebf9d5e41b36
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 294389a76c2687081eccaeea9d39a0385865cd9256299b0a9c23b634b7492ae7
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 532cd03a717a5894fdaf74c27515adf48e87ca961759b57bd442ebf9d5e41b36
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BC519370A00104AFDB14DF58CD85AE97FF6EF89364F288158F9599B362D3729E81CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A02240 Relevance: 1.6, APIs: 1, Instructions: 109COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 3c764cd62f7d0f0ba20f5e4b6e7f50d278d65068d5bb31d8bb943941035f530f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 362391ed71c2166c0e519ac0364d655785d130db7844cad2e30c8c7317fa547f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 3c764cd62f7d0f0ba20f5e4b6e7f50d278d65068d5bb31d8bb943941035f530f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4B31E5B26012186BDB206F88FC81BDFB7ACEF48764F04402AFE0897341D7B5A95187E1
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A23F82 Relevance: 1.6, APIs: 1, Instructions: 59COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: __wsopen_s
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3347428461-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4b5968659a2caed566f9842a9331f31863f6ad6ae52007e4c951d07ae60ec401
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1b381ecdcb9605582655b67b250d987f382aec1811aaf09b10bc52145c0f45dc
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4b5968659a2caed566f9842a9331f31863f6ad6ae52007e4c951d07ae60ec401
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8C113A72A0420AAFCF05DF58E941D9B7BF8EF49304F154069F809AB251D671EE11CBA4
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A2293E Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000008,?,?,?,00A21144,00000001,00000364,?,00000006,000000FF,?,?,00A0AD72,00A2130E), ref: 00A2297F
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c9828e3fb8df1cdef9dafbb9da7d414c88acbe762fc382fa70dc84bc75fdb002
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 13b29301740e00bb26a093a500ace94a1c7405de15e1278b694cd37defa4d4a3
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c9828e3fb8df1cdef9dafbb9da7d414c88acbe762fc382fa70dc84bc75fdb002
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FDF0543164063576DF215B6ABD15BAB7758AF51B70F198131BC19EA190CA20D88187A1
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A212CB Relevance: 1.5, APIs: 1, Instructions: 32memoryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlAllocateHeap.NTDLL(00000000,?,?,?,00A06225,?,?,009F659C,00000008,11C5A2E7), ref: 00A212FD
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 73b40f0b89337e66d54512cfbbb98689ff99b278f66111e7d95c16bbf9294658
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7e9a305458b521cca14656503b3c7ed7461471b8bb0bf6f83ae8411c01d5adbb
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 73b40f0b89337e66d54512cfbbb98689ff99b278f66111e7d95c16bbf9294658
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ECE0E5312002319ADA606BADBD00BEA369DAF317B1F150131BC0CDA890DB50DC4183E4
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BA76E Relevance: 1.5, APIs: 1, Instructions: 22memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RtlFreeHeap.NTDLL(?,00000000,00000000,11C5A2E7,?,00A2C400,000000FF), ref: 009BA79E
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeHeap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3298025750-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c8e0b5e0341c33a148bfffe9beed73c49060cb0673cba5318c3f08a647b92810
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d597470ef1cd271fba2e0989778eb7bd72185ca0187fa93b5d75152c51e89864
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c8e0b5e0341c33a148bfffe9beed73c49060cb0673cba5318c3f08a647b92810
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 20E09232544548FFC701CF84DC45F8ABBB8F709B54F10863AF912966D0C779A400CA40
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A120FC Relevance: 1.5, APIs: 1, Instructions: 15fileCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNELBASE(00000000,00000000,?,00A12504,?,?,00000000,?,00A12504,00000000,0000000C), ref: 00A12119
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateFile
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 823142352-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b1b3a0d6008cd2114cd970eeb1b4ba38f998ebe7542a58d0cad0189976d4255e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 867cabfda6a2a383c5805b2a886abc14eab93ff6d5ed84d31a0380383cecb96c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b1b3a0d6008cd2114cd970eeb1b4ba38f998ebe7542a58d0cad0189976d4255e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BAD06C3200014DBBDF028FC4DC06EDA3BAAFB8C714F014140BE1866020C772E872AB90

                                                                                                                                                                                                                                                                                                                                                                                  Non-executed Functions

                                                                                                                                                                                                                                                                                                                                                                                  Function 009DD93E Relevance: 85.4, APIs: 19, Strings: 29, Instructions: 1364registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009DD948
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E3523: __EH_prolog3.LIBCMT ref: 009E352A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E0A68: __EH_prolog3.LIBCMT ref: 009E0A6F
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?,ApplyXmlRegistryUpdate,?,00000124,009DB5F4,?), ref: 009DEA04
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$Close
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u $%s attribute is empty$%s attribute is mandatory for regkey node$*$ApplyXmlRegistryUpdate$Attribure mustexist is specified, but the destination registry key is missing, skipping$Invalid flag %s$Invalid flag %s in node %s$Processing regkey node: %s$REG_BINARY hex string %s of value %s is invalid$REG_DWORD number %s of value %s is invalid$Unknown registry value type specified, %s$W$aimm$delete$expand$flags$imm$mustexist$name$path$reg_binary$reg_dword$reg_expand_sz$reg_multi_sz$reg_multi_sz_add$reg_multi_sz_rem$reg_sz$regkey
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2448189564-2252632925
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1069f3842ca6c4814caf7c8efacc8c1b8b271d69816771e36e70fff71d970ff8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 863debb01e25df99d22bf24ca1810a18a5284058a417877b8fa0b061879e7e29
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1069f3842ca6c4814caf7c8efacc8c1b8b271d69816771e36e70fff71d970ff8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FFB2E031D40249DFDF14EBA4CA85BEEBBB9BF54304F24806AE406BB281EB355E45CB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D206A Relevance: 33.4, APIs: 17, Strings: 2, Instructions: 163serviceCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • OpenSCManagerW.ADVAPI32(00000000,00000000,00000001), ref: 009D20B5
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009D20C2
                                                                                                                                                                                                                                                                                                                                                                                  • OpenServiceW.ADVAPI32(00000000,?,00000134), ref: 009D20D6
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009D20E2
                                                                                                                                                                                                                                                                                                                                                                                  • CloseServiceHandle.ADVAPI32(?), ref: 009D2203
                                                                                                                                                                                                                                                                                                                                                                                  • CloseServiceHandle.ADVAPI32(00000000), ref: 009D220A
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Service$CloseErrorHandleLastOpen$Manager
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 0$SeDebugPrivilege
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2257214823-155957164
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b3b51d8c76b98646f280ac020a2ff3e27d436804201b136c362f5df49a87116e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5242ea950d8fb4c56e7d74b3be5e26d7a25d31f286f4177e850b8720803b92e4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b3b51d8c76b98646f280ac020a2ff3e27d436804201b136c362f5df49a87116e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 91519531684205ABDB25DBE5EC88BBF7BBCBF59710F048016FA11E6290D778D846DB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CE1E7 Relevance: 26.5, APIs: 13, Strings: 2, Instructions: 293sleepfiletimeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_catch_GS.LIBCMT ref: 009CE1F1
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(?,?,?,?,?,?,?,?,?,0000014C,009BD8BF,BZ2 error: %i,000003EC), ref: 009CE2CA
                                                                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcessId.KERNEL32(?,?,?,?,?,?,?,?,0000014C,009BD8BF,BZ2 error: %i,000003EC), ref: 009CE2DE
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,00010084,00000007,00000000,00000004,00000000,00000000,?), ref: 009CE3C9
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CE3ED
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CE40A
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CE412
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • \??\, xrefs: 009CE4AB
                                                                                                                                                                                                                                                                                                                                                                                  • [%04hu-%02hu-%02hu %02hu:%02hu:%02hu.%03hu] %04u %%%us%%s%%s, xrefs: 009CE31E
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CreateCurrentFileH_prolog3_catch_ProcessSleepSystemTime
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: [%04hu-%02hu-%02hu %02hu:%02hu:%02hu.%03hu] %04u %%%us%%s%%s$\??\
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2414361620-4107746370
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 00e2d17247e23ba9ae5395f030e975a40413b7d5e8a233fdab4a3ea319b21e6f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 62a91d38d86a806fa9ac5cb9639ec21c232efd3d0841b398932205ea6ebb24c2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 00e2d17247e23ba9ae5395f030e975a40413b7d5e8a233fdab4a3ea319b21e6f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A2C18A71D00258EFDB25DBA8CD49BEDB7B8AF18314F0440D8F54AA7291DB746E84CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CF00C Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 182filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009CF016
                                                                                                                                                                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(?,?,?,00000000,00000010,009BBBCA), ref: 009CF0DA
                                                                                                                                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000080), ref: 009CF1F8
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?), ref: 009CF207
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CF20F
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CF228
                                                                                                                                                                                                                                                                                                                                                                                  • FindNextFileW.KERNEL32(00000000,?,?,?,?,00000000,00000010,009BBBCA), ref: 009CF27E
                                                                                                                                                                                                                                                                                                                                                                                  • SetFileAttributesW.KERNEL32(?,00000010,?,?,?,00000000,00000010,009BBBCA), ref: 009CF294
                                                                                                                                                                                                                                                                                                                                                                                  • RemoveDirectoryW.KERNEL32(?,?,?,?,00000000,00000010,009BBBCA), ref: 009CF2A0
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,?,00000000,00000010,009BBBCA), ref: 009CF2AA
                                                                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(00000000,?,?,?,00000000,00000010,009BBBCA), ref: 009CF2B3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D310F: __EH_prolog3.LIBCMT ref: 009D3116
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B9379: __EH_prolog3.LIBCMT ref: 009B9380
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$Find$AttributesErrorH_prolog3Last$CloseDeleteDirectoryFirstH_prolog3_NextRemoveSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \\?\%s
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1862774710-3682370727
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 775150b0fd0884bd620cd25c5071ce07caa1785e5ace6727f26efc5a5de7ccd1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: aaa671bd460ee93a83ed44375b4775db9e7d7bffb4b6000260569a525108c85d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 775150b0fd0884bd620cd25c5071ce07caa1785e5ace6727f26efc5a5de7ccd1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4071DD30D08219DADF24EB60DEA9FEDB776AF50314F1041E8E50A660D1EB761F89CB12
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C257B Relevance: 15.9, Strings: 11, Instructions: 2126COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %d in block, %d after MTF & 1-2 coding, %d+2 syms in use$ bytes: mapping %d, $ initial group %d, [%d .. %d], has %d syms (%4.1f%%)$ pass %d: size is %d, grp uses are $ block %d: crc = 0x%08x, combined CRC = 0x%08x, size = %d$ final combined CRC = 0x%08x $%d $BZ2 error: %i$code lengths %d, $codes %d$selectors %d,
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2907567208
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d945501938dcb7cff4bd48150d58c56d66ce0a8ff5b7e4b26875230ce48d75d3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6bf9c04f5e9397ebcf64ca68de74d5b278b261898ab42a5ac5141de69f0edc39
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d945501938dcb7cff4bd48150d58c56d66ce0a8ff5b7e4b26875230ce48d75d3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 62235935E002558BDB29CF58C881BBDB7B1FF45308F0841ADE849AB396DB75A9A1CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F00DD Relevance: 14.4, Strings: 11, Instructions: 647COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Sh$Auth$GenuineIntel$Hygo$Intel(R) Core(TM)2 CPU 6600 @ 2.40 GHz$Micr$aurH$cAMD$ntel$osof$t Hv
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-512046704
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 59fca3bf6c4d268bb8ea3e4f845f270a9f91d72622dafb3864cd4ff466655335
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7be7e8e685b63f002560c15ae783177ab60a699a18e4d4f9a4f509daa57d4171
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 59fca3bf6c4d268bb8ea3e4f845f270a9f91d72622dafb3864cd4ff466655335
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BD4201B1D1460D8AEB25CFAEC8453ADFEB9EBD8314F24852AD564E7293C7758881CF40
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E0B37 Relevance: 12.5, APIs: 5, Strings: 2, Instructions: 281fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009E0B41
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E358D: __EH_prolog3.LIBCMT ref: 009E3594
                                                                                                                                                                                                                                                                                                                                                                                  • FindFirstFileW.KERNEL32(?,?), ref: 009E0C00
                                                                                                                                                                                                                                                                                                                                                                                  • FindClose.KERNEL32(00000000), ref: 009E0F56
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileAttributesW.KERNEL32(?,?,?,?,?,?), ref: 009E0C7C
                                                                                                                                                                                                                                                                                                                                                                                  • FindNextFileW.KERNEL32(00000000,?,?,?,?), ref: 009E0F38
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E1037: __EH_prolog3.LIBCMT ref: 009E103E
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E2A70: __EH_prolog3.LIBCMT ref: 009E2A77
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E0FDA: __EH_prolog3.LIBCMT ref: 009E0FE1
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$FileFind$AttributesCloseFirstH_prolog3_Next
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CopyFilesToDestDir$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 614840102-3632011963
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 95b680c844682e22d3a67451b7ab64a4e3cb82aba5d337eede7f7acf39c7e6c4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a496b52d43c2a1a0a5e10b4bbb6ce59ad6f513fa1c0ea267ce364afbbf6da240
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 95b680c844682e22d3a67451b7ab64a4e3cb82aba5d337eede7f7acf39c7e6c4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8EC18A30809259DACF25EB64CD99BEDB778AF90304F1085D8E40AA7191EB716FC8CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A27264 Relevance: 10.2, APIs: 1, Strings: 4, Instructions: 1436COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: __floor_pentium4
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 1#IND$1#INF$1#QNAN$1#SNAN
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4168288129-2761157908
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 592f7214495c14851a0004c00b1d484ce97e49d4531fd548f60c1ca01d312b9c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 83a27eb736918a3a37c6a37491542124762f44dd509917f73cac7216bf20ebbe
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 592f7214495c14851a0004c00b1d484ce97e49d4531fd548f60c1ca01d312b9c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DAD20871E092298FDB65CF28ED407EEB7B5EB44305F1445EAE84DA7240DB38AE858F41
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C43B7 Relevance: 7.3, Strings: 4, Instructions: 2323COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: [%d: huff+mtf $1$BZ2 error: %i$rt+rld
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2267245451
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a9d2089854ba419cef876cd91a871a509e50bc14fe5b4e22cf5edc3c36107152
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 81a67db17989eadc2cd717c45afa01850e79317af119de66fb08078edc3abac2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a9d2089854ba419cef876cd91a871a509e50bc14fe5b4e22cf5edc3c36107152
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8423F1B5A00215CFCB18CF18C094AA8BBF1FB49311B2981AEDC9A9F35AD734E945CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BDBDD Relevance: 6.6, Strings: 5, Instructions: 337COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: bucket sorting ...$ depth %6d has $ reconstructing block ...$%6d unresolved strings$BZ2 error: %i
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-995844132
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d411fb3a12445184944d5653827dd5f7e71757cd00fb61570ecbed6898bbede6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b394256341b2e00af4e272d93ec2f72cd627104ba3e4c8dd82894060c4f571b6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d411fb3a12445184944d5653827dd5f7e71757cd00fb61570ecbed6898bbede6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FBC1D871B115288BDB289E18CD817E973E5FFC5320F1585ADD98ADB285EE709D828FC0
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A214DA Relevance: 6.3, APIs: 4, Instructions: 337COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: _strrchr
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3213747228-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: fa32d286512d335aecc10815de017fda9071df3d45bc85ed3492902ea8a881bc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c6e9918fef36117640bd2e8109466048adda7418dd70842df7e5abf85f6f1489
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fa32d286512d335aecc10815de017fda9071df3d45bc85ed3492902ea8a881bc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30B14872D042659FDB15CF6CD881BEEBBB5EFA5340F2541BAE805AB241D235DD01CBA0
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0661F Relevance: 6.1, APIs: 4, Instructions: 70COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • IsProcessorFeaturePresent.KERNEL32(00000017), ref: 00A0662B
                                                                                                                                                                                                                                                                                                                                                                                  • IsDebuggerPresent.KERNEL32 ref: 00A066F7
                                                                                                                                                                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000), ref: 00A06710
                                                                                                                                                                                                                                                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(?), ref: 00A0671A
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionFilterPresentUnhandled$DebuggerFeatureProcessor
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 254469556-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b9eff5f98752560f3fc19545ab36715fcba697436b763b70a4044f99c6340616
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f4bf1e90d57270b814ec934fe93d3c448f8d61bf6f8eecb214a595dbbdb32a57
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b9eff5f98752560f3fc19545ab36715fcba697436b763b70a4044f99c6340616
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 91311675C0522C9BDB20DFA4DD897CDBBB8AF08304F1041AAE40CAB290EB709A958F44
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C0283 Relevance: 5.7, APIs: 1, Strings: 2, Instructions: 442COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: __fread_nolock
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: BSDI$FF40
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2638373210-906853832
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 82b879ad2d7ca085bff16e3675318e2fe61d64d7241dd99fc4ac106aeb4402ba
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6bf294f158f3cd4e91828f105a43de659af5f7d43d36663a898f622e402d248a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 82b879ad2d7ca085bff16e3675318e2fe61d64d7241dd99fc4ac106aeb4402ba
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FCE18031E04259DBDF14DFA8CD81FAEB7B9AFC4714F24412DE815AB241EB30A946CB52
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0AA73 Relevance: 4.6, APIs: 3, Instructions: 77COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • IsDebuggerPresent.KERNEL32(?,?,?,?,?,00000001), ref: 00A0AB6B
                                                                                                                                                                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(00000000,?,?,?,?,?,00000001), ref: 00A0AB75
                                                                                                                                                                                                                                                                                                                                                                                  • UnhandledExceptionFilter.KERNEL32(-00000327,?,?,?,?,?,00000001), ref: 00A0AB82
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionFilterUnhandled$DebuggerPresent
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3906539128-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 09065071bc7d4127385bb8ee545cdd7d55f31340eb17c34fd04be26efd937f53
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8a89ac23e6d430394f4ff64c002c4b130178551ec32ec0fabfbba3ac91a7d6e4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 09065071bc7d4127385bb8ee545cdd7d55f31340eb17c34fd04be26efd937f53
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FC31C27490132C9BCB21DF64E98978DBBB8AF18310F5085EAE41CA7290EB749F858F45
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B9C9A Relevance: 4.6, APIs: 3, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • LoadResource.KERNEL32(00000000,00000000,11C5A2E7,00000002,00000000,?,00000000,00A2C560,000000FF,?,009B9D8B,?,?,?,?,?), ref: 009B9CC5
                                                                                                                                                                                                                                                                                                                                                                                  • LockResource.KERNEL32(00000000,?,009B9D8B,?,?,?,?,?,?,00A2C580,000000FF,?,009B9728), ref: 009B9CD0
                                                                                                                                                                                                                                                                                                                                                                                  • SizeofResource.KERNEL32(00000000,00000000,?,009B9D8B,?,?,?,?,?,?,00A2C580,000000FF,?,009B9728), ref: 009B9CDE
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Resource$LoadLockSizeof
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2853612939-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5186b4e188ad12b8019d4bb4d8c9dbd87c46c0ec83352316aae53e8c51bc04a2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0939cd606fa7e760dd4c7cc96a4d932214029b97a2fcd4f610a27d4f15dd8f8e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5186b4e188ad12b8019d4bb4d8c9dbd87c46c0ec83352316aae53e8c51bc04a2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C7012F739105219BCB30CF69DD44A97B7ECEB84724F104A3AFD06D3150E670EC008690
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CE871 Relevance: 4.6, APIs: 3, Instructions: 55COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CE878
                                                                                                                                                                                                                                                                                                                                                                                  • InitializeSecurityDescriptor.ADVAPI32(00A72464,00000001,00000008), ref: 009CE910
                                                                                                                                                                                                                                                                                                                                                                                  • SetSecurityDescriptorDacl.ADVAPI32(00A72464,00000001,00000000,00000000), ref: 009CE91B
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: DescriptorSecurity$DaclH_prolog3Initialize
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2975892733-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 83d26771a2cc555f5f502364c87a6c5ebc74f55a94a7ec403a11783b6ec71cd6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ca17affd7d7cc2057b660ed767098acc06c3b255788bcf58f642c5abfdb897bc
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 83d26771a2cc555f5f502364c87a6c5ebc74f55a94a7ec403a11783b6ec71cd6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5A116D70A11244ABE754DFEEED843497AE5FB48314F90D039A18DD72A1C7344886CB26
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BA9D6 Relevance: 3.1, APIs: 2, Instructions: 53memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcessHeap.KERNEL32(00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 009BAA10
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05CE5: AcquireSRWLockExclusive.KERNEL32(00A70730,00A7133C,?,009BAABE,00A7133C,00A33DCA,00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 00A05CEF
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05CE5: ReleaseSRWLockExclusive.KERNEL32(00A70730,?,009BAABE,00A7133C,00A33DCA,00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 00A05D22
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05CE5: WakeAllConditionVariable.KERNEL32(00A7072C,?,009BAABE,00A7133C,00A33DCA,00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 00A05D2D
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009BA9DD
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05D36: AcquireSRWLockExclusive.KERNEL32(00A70730,?,00A7133C,?,009BAA5E,00A7133C,00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 00A05D41
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05D36: ReleaseSRWLockExclusive.KERNEL32(00A70730,?,00A7133C,?,009BAA5E,00A7133C,00000000,009B9655,11C5A2E7,?,00A2C400,000000FF), ref: 00A05D7B
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ExclusiveLock$AcquireRelease$ConditionH_prolog3HeapProcessVariableWake
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2609382285-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1f099a7d2ae918b48f06a8c89a7eea3cc116abe54a2e6f4d3ece2567a1d42c80
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9922b1564814f8b3a2d916ded8944f6d26bcd3768f9c27d7be3de62a4e290b87
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1f099a7d2ae918b48f06a8c89a7eea3cc116abe54a2e6f4d3ece2567a1d42c80
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A6215970900704DBD7A0DFACAE4A6993BE4BB04724B10D66DF06C9EAE1CB7455828F15
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B3080 Relevance: 3.0, Strings: 1, Instructions: 1750COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: @
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2766056989
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4ceef34346ae523485fdd684f7624a4301e70f73ed05a2fa1faf666b4223ef79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5b1d2cdc1b420894976f2b3232da6f42dcd6bbbfb036225fb480e54b02c1cfb0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4ceef34346ae523485fdd684f7624a4301e70f73ed05a2fa1faf666b4223ef79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3BD25273A083114BD318CF26DC9126BF7D3EFD8210F0BC62EF896A7644DB74A9464686
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FA4B0 Relevance: 2.7, Strings: 1, Instructions: 1427COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: `
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2679148245
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c48c8000906921e5cad24ee9cafcdc7ec351297e78976751427c769e910868d2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4c63b6afd51ec534ac7faeddc462643b26ca8d26233ffa1d220b1f314e904133
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c48c8000906921e5cad24ee9cafcdc7ec351297e78976751427c769e910868d2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9AE24975E006188FDB25CFA8C890AADBBF2FF48308F54856DD95AAB345DB34A941CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BF91B Relevance: 2.0, Strings: 1, Instructions: 778COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: BSDIFF40
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-2316742233
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0223b95569eb7c112e08e42e28c203819b56f073a1dcefc40bc5889e7903678f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c12d4ee87179750396fcccc097811e1ff73240d0ec0934a84c0078d75eb0d25c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0223b95569eb7c112e08e42e28c203819b56f073a1dcefc40bc5889e7903678f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 7E62E875E002199FCF24DFA8D994ADDBBB5BF89310F244169E419E7246EB309D46CF40
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A20222 Relevance: 1.8, APIs: 1, Instructions: 274COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RaiseException.KERNEL32(C000000D,00000000,00000001,?,?,00000008,?,?,00A2021D,?,?,00000008,?,?,00A2AD71,00000000), ref: 00A2044F
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionRaise
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3997070919-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bbd39a4ed20db9c262a1333607bb63db0b23e6e0d9f3cc396c9974b105b7d780
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 507eeedb19731792a96b14673a4f4978f9701c04fa428e00bb05caf479cab58b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bbd39a4ed20db9c262a1333607bb63db0b23e6e0d9f3cc396c9974b105b7d780
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 41B13A31610618CFD718CF2CD48AF657BA1FF45364F258668E999CF2A2C335E992CB40
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A25092 Relevance: 1.7, APIs: 1, Instructions: 156timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A21291: RtlFreeHeap.NTDLL(00000000,00000000,?,00A26C62,?,00000000,?,?,00A26C87,?,00000007,?,?,00A26F66,?,?), ref: 00A212A7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A21291: GetLastError.KERNEL32(?,?,00A26C62,?,00000000,?,?,00A26C87,?,00000007,?,?,00A26F66,?,?), ref: 00A212B2
                                                                                                                                                                                                                                                                                                                                                                                  • GetTimeZoneInformation.KERNEL32(00000000,00000000,00000000,00000000,00000000,00000000,?,?,?,00A25245,00000000,00000000,00000000), ref: 00A25104
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorFreeHeapInformationLastTimeZone
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3335090040-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0aa67d6eb6386bd4fd24c5c8bb2fcae6ff5969149b19de826b00ac5063f8313c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: eed4c430963104c3efccf7e570e50bcc20940f06229eb5c328fb78dc8a984fd2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0aa67d6eb6386bd4fd24c5c8bb2fcae6ff5969149b19de826b00ac5063f8313c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 02418171D00635ABCB10FBBDED06A9A7BB9EF05360B108275F814E71A2EB709D518BD4
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0643E Relevance: 1.6, APIs: 1, Instructions: 147COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • IsProcessorFeaturePresent.KERNEL32(0000000A,?,00A05E48,?,009F6C1A,00000001,11C5A2E7), ref: 00A06454
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FeaturePresentProcessor
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2325560087-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 78722a94734e5c7a1147618f0964d3ce66e1670674f7abfad9b1fc895695cb66
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b6324d4e81e140ea43caa41921df56fbfcb32c098f915d558c62ab83136ae264
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 78722a94734e5c7a1147618f0964d3ce66e1670674f7abfad9b1fc895695cb66
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5B515C71A01209CFEB18CFA5E9857AABBF4FB48354F24C42AD405EB294D3B69951CF60
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0E457 Relevance: 1.6, Strings: 1, Instructions: 388COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 0
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-4108050209
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f9324b83a41c0fd2228f2f44f0db7743973374440069d81c98b7fcdf7adeec54
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cdf971e77babbd72c5c4907c306b6d5c15d2b8545867e5d9ec472a61a8ff135e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f9324b83a41c0fd2228f2f44f0db7743973374440069d81c98b7fcdf7adeec54
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 28E1AD70A0060D8FCB24CF68E580AAAB7F1FF49314F248E5DD4569B2D1E732AD46EB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A25B9E Relevance: 1.6, APIs: 1, Instructions: 108COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b2a20fa4ad35311aeb2fda684eab3bbcf682694724b97e11feec9f0c551b1a5b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cdd8fd190c643e4d84176bd9f2586938c06075f03d284ce9c323fd1fc766e631
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b2a20fa4ad35311aeb2fda684eab3bbcf682694724b97e11feec9f0c551b1a5b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: EB31C476900629AFCB20DFBCED89DBBB77DFB84310F144568F80597244EA30AE408B50
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0E0F2 Relevance: 1.6, Strings: 1, Instructions: 322COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 0
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-4108050209
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b87c990e34a96624f5bbbc7e51236ef70645cf10a95d27671ab05d15e4942155
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 537c2da22cba332868937c28a67ed30e8912cffd517b020244a79ff008600342
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b87c990e34a96624f5bbbc7e51236ef70645cf10a95d27671ab05d15e4942155
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CFB1C071A0060EDBCF24CFA8E680ABEB7F5AF58300F144E1DD456A76D0D631AD46EB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A067AC Relevance: 1.5, APIs: 1, Instructions: 3COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetUnhandledExceptionFilter.KERNEL32(Function_000567B8,009F6BC5), ref: 00A067B1
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ExceptionFilterUnhandled
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3192549508-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ab019829d69e54251c1d046af9a88168d63a8475352991f6038266bed6870dc6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9eb73112779dbc35fca3b3a9c1d8c385c32294ea7a143db53808fd4a5662d16a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ab019829d69e54251c1d046af9a88168d63a8475352991f6038266bed6870dc6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash:
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FE9A0 Relevance: 1.5, Strings: 1, Instructions: 205COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SVW=
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 0-1029679824
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2a4123388ae6a751298072b79eb5aad933878fc29136c30fa2c6130c03d6f6d5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 34aef009b1b6b0a582ba7429b3b216b2e9f810e3bc48f50b7d9d02df243e54a2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2a4123388ae6a751298072b79eb5aad933878fc29136c30fa2c6130c03d6f6d5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC717174A0051AABCB18CF29D8947A9BBA5FF48315F04413AEA0AD7B50D735EC61CBD0
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FC330 Relevance: .9, Instructions: 924COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 56838af59b1eef9b10177f390e246d6630dec2d4f2b9e02d28087e14ff0760f0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0230c26bf0f3603a6c7016176078c80744acac78b2f745ecfe14ecf345945f76
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 56838af59b1eef9b10177f390e246d6630dec2d4f2b9e02d28087e14ff0760f0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BA827AB1A006198FCB18CF68C9917AEB7F2FF88314F15856EE586A7790D734AA41CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B73A0 Relevance: .6, Instructions: 599COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d320b19924144af174eedb042ec46a73225805ecc02a14be4c57fbe133ea4a58
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ba503bceb9734c12ba52ac92b3eaebb6d6353c110861b7bc2fada449248b445e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d320b19924144af174eedb042ec46a73225805ecc02a14be4c57fbe133ea4a58
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0E2283335417044BE318CE6ECC815C2B3E3AFD822475F867EC926CB796EEB9A6174548
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F9270 Relevance: .5, Instructions: 517COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a298b220064efc09504d322fae2345c810b887d8f1f398103602b0a5dd749d8f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4f43b9df2d62eeafbac5d60e769006f17d4370080590672bcb51b17b51a3ae7d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a298b220064efc09504d322fae2345c810b887d8f1f398103602b0a5dd749d8f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B4128E71F0412A8BDF0CCE59C4A03BCBBB2FB89315F2445AED556AB384C6759A81CF94
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C1487 Relevance: .5, Instructions: 493COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6b68de531e4fd4a36f05bcc5d58f119f6cce00e4e086f443ea3e4a0c58bd75ba
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: cae30493ddeffce61ca175eeb71beb4f110ae628e76ce2abeb26e259bc9ab542
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6b68de531e4fd4a36f05bcc5d58f119f6cce00e4e086f443ea3e4a0c58bd75ba
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 03226874A04B548FDB29CF69C0A0AAEBBF1FB85300F10895DD0AB97B52DB30B945CB55
                                                                                                                                                                                                                                                                                                                                                                                  Function 009ED9A0 Relevance: .4, Instructions: 401COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ceb8ec94bcfd3d6fff5fdd5979dd5a03fe6fff8b8584328a86ce6e21be99f0e4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9b916dadeb023011fc66274764fc578f1ba4334cd03a0f24d30f1a747ac565b0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ceb8ec94bcfd3d6fff5fdd5979dd5a03fe6fff8b8584328a86ce6e21be99f0e4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D8F114B5E012598FCB54CFA9C980A9DBBF5BF48314F25426AE809EB345E771AC46CF40
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FA070 Relevance: .2, Instructions: 244COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 400814806de0cbe3eb3d17025e2e2d85a61d78816f7eb96b6a3ba692bb6fc14f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 091c460e22254b086c7ca914a562e7f7f2c1200425890e0b60bc87e3f05a417b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 400814806de0cbe3eb3d17025e2e2d85a61d78816f7eb96b6a3ba692bb6fc14f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 47B16EB1E106298BDB64CF18C8887A9B3B1FF58314F1542E9D95EA7345CB74AE91CF80
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F9AA0 Relevance: .1, Instructions: 128COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: fbad52d7adfb21bfabee0867fd1df6ef3de1900061623fe1735ceadeb28ff76d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9bbd543efca76824765ebe0e08bca2d78040da38ee59c9f1b0ed89d75fd7a773
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fbad52d7adfb21bfabee0867fd1df6ef3de1900061623fe1735ceadeb28ff76d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 42412AB6E0061E9BDB10CF58D881ABEB7B8FF49314F544269EA05AB345D331EE51CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FE8B0 Relevance: .1, Instructions: 71COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: adc2fe75a12df1ac963011b9aa53ede0b3d7ae20bb6f3d3f66d5db85be41c55a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ec67752701376f28e27e7090aa0d1cf0a6d4ae61e7b44ca6953ae6946daa31ed
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: adc2fe75a12df1ac963011b9aa53ede0b3d7ae20bb6f3d3f66d5db85be41c55a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5E118137320A0A0BE74C8A2CD93777532D0A745314F88A67DEA6BCF2D2D729C455C785
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FD810 Relevance: .0, Instructions: 50COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1759cb940a7e7d1908e2d51731a478de234e66508096729c1d21c7e443ce613b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4e76587e8f445f55ebdfab0dcef6d215fafa3f2aba4bc0522f73c4682a4c4eed
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1759cb940a7e7d1908e2d51731a478de234e66508096729c1d21c7e443ce613b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3C01927260051A5BDB14CF0DC881576B3A5FF45361B498239ED4AEB341C634F860C7D0
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A24602 Relevance: .0, Instructions: 29COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f58eb989f549de87c7bf8b60544d23d2654f7448c27b45f561bbab3e633ce46b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 16eaf021046df8da105a7555afb33556703944a6fbc09b2be27e39477cb6ce2f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f58eb989f549de87c7bf8b60544d23d2654f7448c27b45f561bbab3e633ce46b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A6F030326512B4ABCB26DB4CE905BD973E8EB49B51F124066E505E7151C274DD40C7D4
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A24646 Relevance: .0, Instructions: 22COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 50a972b62d0eeab7cf69184d0388e3c5d72ff44d8abf7cf4b2c8061fcda85dc3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4fb4c9fd11fc23817da7c289547ea9830828769e411b7b4980006dc3eeb36ab0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 50a972b62d0eeab7cf69184d0388e3c5d72ff44d8abf7cf4b2c8061fcda85dc3
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AAE0EC72915238EBCB15DB9CDA45D8AF3ECEB4AB50F1544AAB511D7111D274DE00C7D0
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1F22C Relevance: .0, Instructions: 12COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7a1c8a55146234ae8fa14559be44d9a7234578391d911de852cb49aad8bbc411
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 61fb9a01cae66070e74581c1f149152c4ce306e22c1bf593f7a22f2dfa9243ba
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7a1c8a55146234ae8fa14559be44d9a7234578391d911de852cb49aad8bbc411
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B3C08C38000D804ACE298A1482F13E43355B3A3B82F8804ACC8030B642C56E9CC7DA00
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CA44F Relevance: 49.5, APIs: 1, Strings: 27, Instructions: 485COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CA456
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: 3$build_c$component_c$cpu_c$exitcode_c$file_c$fmtver_c$gdpr_c$geo_c$guid_c$icarus_c$ini_c$language_c$mversion_c$os_c$patch_c$prod_c$ram_c$regkey_c$regval_c$remote_c$rversion_c$time_c$timespan_c$user_c$uupdate_c$version_c
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-3320006421
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0187046f436008a21e87e4d131958d49d835da2653b26060edb5b5c55c6c19e6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b3b82b2126086282d0d41b3007e7d7f3c1220ec5300d236ab92a339aec734f33
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0187046f436008a21e87e4d131958d49d835da2653b26060edb5b5c55c6c19e6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 24029232E1015CAADB15E7B4CF22BFE7665AF91724F640258E9527B2C2DB650E04C3B3
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DA94F Relevance: 44.2, APIs: 10, Strings: 15, Instructions: 491COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009C6C10: __EH_prolog3.LIBCMT ref: 009C6C17
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  • std::generic_category.LIBCPMTD ref: 009DB0EA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$std::generic_category
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u%03u%02u$.$Creating reboot file: %s$EmUpdatePending$Invalid flag %s in node %s$MicroUpdates$aswmicroupdate$flags$nobizreboot$noreboot$reboot$version$Yl$}r$q
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3323134660-3340328878
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f97233c0e5fe5f279e6b7457dcdad4488b7dc59d9937e8f38f1895c6e1855425
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7c3ef5b36266b0a12909720907b68f5f69e02b581b880d78ac81352472c403ad
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f97233c0e5fe5f279e6b7457dcdad4488b7dc59d9937e8f38f1895c6e1855425
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4D12DF719802698BCF26EB64CD55BEDB3BDAF50340F1081EAE409A7291EB749F85CF41
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E127A Relevance: 42.3, APIs: 15, Strings: 9, Instructions: 337filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E1281
                                                                                                                                                                                                                                                                                                                                                                                  • MoveFileW.KERNEL32(00000000,00CE8098), ref: 009E1303
                                                                                                                                                                                                                                                                                                                                                                                  • MoveFileW.KERNEL32(00A724F8,00CE8098), ref: 009E13C2
                                                                                                                                                                                                                                                                                                                                                                                  • CopyFileW.KERNEL32(?,?,00000000,00CE41D0,HandleFiles,00000000,?,00000050,009DAD47), ref: 009E13FF
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E1407
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,00000050,009DAD47), ref: 009E1420
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E142C
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(00CE41D0,?,00000050,009DAD47), ref: 009E1460
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E1468
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,00000050,009DAD47), ref: 009E1489
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E14C7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E14E6
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFEAC: __EH_prolog3.LIBCMT ref: 009CFEB3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFEAC: GetFileAttributesW.KERNELBASE(?,?,00000024,009C6FC9,?,00A5AC3C,?,?,?,EvaluateFileCondition,?,000000B8,?,?,?), ref: 009CFEC8
                                                                                                                                                                                                                                                                                                                                                                                  • MoveFileExW.KERNEL32(?,?,00000005,HandleFiles,00000000,?,00000050,009DAD47), ref: 009E15BD
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000050,009DAD47), ref: 009E15C7
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?,HandleFiles,00000000,?,00000050,009DAD47), ref: 009E1619
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot copy file %s -> %s gle=%u, xrefs: 009E143C
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot register reboot move file %s -> %s gle=%u, xrefs: 009E15E2
                                                                                                                                                                                                                                                                                                                                                                                  • Reboot reason imm: %s, xrefs: 009E156B
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot move file %s -> %s gle=%u, xrefs: 009E14D7
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot register reboot delete file %s gle=%u, xrefs: 009E165F
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot create directory %s gle=%u, xrefs: 009E14FB
                                                                                                                                                                                                                                                                                                                                                                                  • Reboot reason non imm: %s, xrefs: 009E15A3
                                                                                                                                                                                                                                                                                                                                                                                  • Reboot reason delete: %s, xrefs: 009E1637
                                                                                                                                                                                                                                                                                                                                                                                  • HandleFiles, xrefs: 009E12B7
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$ErrorLast$Move$DeleteH_prolog3Sleep$AttributesCopy
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Cannot copy file %s -> %s gle=%u$Cannot create directory %s gle=%u$Cannot move file %s -> %s gle=%u$Cannot register reboot delete file %s gle=%u$Cannot register reboot move file %s -> %s gle=%u$HandleFiles$Reboot reason delete: %s$Reboot reason imm: %s$Reboot reason non imm: %s
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3414867141-124279677
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 52adb45f2eecba5635bc2ecab775b19b7c519387ac451e3c295caca105258082
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 65e526b9ad161f9ee5bf1d6f6c41e0e98aecc786589e038ba5c818aea995a85d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 52adb45f2eecba5635bc2ecab775b19b7c519387ac451e3c295caca105258082
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 28D1B1319002859FDF26DFA5C845BFEBBB9BF55310F180859F452A71A2DB30AE48CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E0050 Relevance: 38.9, APIs: 1, Strings: 21, Instructions: 366COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is empty$%s attribute is mandatory for task node$2$ApplyXmlTaskUpdate$Cannot convert %s task scheduler time value$Invalid flag %s$OneTime$Processing task node: %s$SystemStart$Unsupported trigger %s$UserLogon$delete$exe$expire$flags$list too long$name$params$start$task$trigger
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-2618169827
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ed505ae6247e0b8d1c7846ffb048e9b8ce25d2ca19b814d17159b5302e6e9887
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4258ffa9a55598f4e93de9b2f95784eeb7f50c17260d18e7b88ec474cc884a73
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ed505ae6247e0b8d1c7846ffb048e9b8ce25d2ca19b814d17159b5302e6e9887
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 27D1DD70D042499ECF05EBA1DA56AFEBBB9BF84310F104429F512A72D1EFB45E44CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DD46D Relevance: 33.6, APIs: 8, Strings: 11, Instructions: 375sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009DD474
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?,?,ApplyXmlCabUpdate,00000000), ref: 009DD89F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,ApplyXmlCabUpdate,00000000), ref: 009DD8A7
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,ApplyXmlCabUpdate,00000000), ref: 009DD8C0
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: DeleteErrorFileH_prolog3_LastSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is empty$%s attribute is mandatory for cab node$%s is already downloaded as %s, skipping download$.cab$ApplyXmlCabUpdate$Processing cab node: %s$Update file:%s has broken signature$W$cab$dst$srcurl
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2594974565-2313307287
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f6af3f4540fa3ec26730f52024be744e69faf2931b8a38000478ff78d120f3d8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: eb060da801cd60cc51bf1a48e322358b5b60af0e4af6ad37311f0bcac345bb56
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f6af3f4540fa3ec26730f52024be744e69faf2931b8a38000478ff78d120f3d8
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00E1CB30D05249EBDF19EBA4DA56BEDBBB5AF50314F208059F012B72D1EB346E09CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E5708 Relevance: 33.5, APIs: 15, Strings: 4, Instructions: 241COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E570F
                                                                                                                                                                                                                                                                                                                                                                                  • WTSEnumerateSessionsW.WTSAPI32(00000000,00000000,00000001,?,?,0000002C,009E4BF8), ref: 009E5761
                                                                                                                                                                                                                                                                                                                                                                                  • WTSFreeMemory.WTSAPI32(00000000), ref: 009E583D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetCurrentThread.KERNEL32 ref: 009D1D39
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: OpenThreadToken.ADVAPI32(00000000,00000020,00000001,00000000), ref: 009D1D54
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D60
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: ImpersonateSelf.ADVAPI32(00000002), ref: 009D1D6B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D75
                                                                                                                                                                                                                                                                                                                                                                                  • WTSQueryUserToken.WTSAPI32(00000000,?), ref: 009E57AD
                                                                                                                                                                                                                                                                                                                                                                                  • ImpersonateLoggedOnUser.ADVAPI32(?), ref: 009E57BA
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpGetIEProxyConfigForCurrentUser.WINHTTP(?), ref: 009E57C8
                                                                                                                                                                                                                                                                                                                                                                                  • RevertToSelf.ADVAPI32 ref: 009E57D0
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009E57D9
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E57EC
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E5806
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E5815
                                                                                                                                                                                                                                                                                                                                                                                  • WinHttpGetIEProxyConfigForCurrentUser.WINHTTP(?,0000002C,009E4BF8), ref: 009E5852
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E586F
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E5885
                                                                                                                                                                                                                                                                                                                                                                                  • GlobalFree.KERNEL32(00000000), ref: 009E5890
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Free$Global$User$Current$ConfigErrorHttpImpersonateLastProxySelfThreadToken$CloseEnumerateH_prolog3HandleLoggedMemoryOpenQueryRevertSessions
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ;= $SeTcbPrivilege$http$https
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 113342924-2753584122
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: fa26d90e061fbe2b349b0598bf0376efb229a69ff2278328b20612f547bf6695
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e21650836f89befcbeeb7dd4bb7cf914e5a7e6e28f5025d98f767668fca3a0ac
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: fa26d90e061fbe2b349b0598bf0376efb229a69ff2278328b20612f547bf6695
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3A919E30900649EBEF16DBE4DD59BEEBBB9BF44318F144028E501B60E1DB759E48CB21
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DFCAE Relevance: 31.8, APIs: 1, Strings: 17, Instructions: 301COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is empty$%s attribute is mandatory for action node$ApplyXmlProductActionUpdate$Invalid flag %s$Processing action node: %s$Unsupported action %s$action$arg%d$flags$ignore$name$postexecs$postfiles$postregs$preexecs$prefiles$preregs
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-4096310327
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d07a47bde4a8752c3fea9afac45cbf10a642e55f4f20996b443e075c91941806
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 546fb370033f86539a3705f627c67511e30fec820835a3a82d05645cb8ae645b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d07a47bde4a8752c3fea9afac45cbf10a642e55f4f20996b443e075c91941806
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3CB1C271E81248AADF04EBA4DE53BDDB7B5AF54314F14402AF902B72C2EBB05E09CB51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D5B45 Relevance: 30.2, APIs: 14, Strings: 3, Instructions: 468timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS_align.LIBCMT ref: 009D5B51
                                                                                                                                                                                                                                                                                                                                                                                  • VariantInit.OLEAUT32(?), ref: 009D5BEA
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D61D8
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: __EH_prolog3.LIBCMT ref: 009D44D9
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: SysFreeString.OLEAUT32(?), ref: 009D451B
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D5C5B
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D5D86
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(?), ref: 009D5E18
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(?,?), ref: 009D5E2C
                                                                                                                                                                                                                                                                                                                                                                                  • FileTimeToSystemTime.KERNEL32(?,?), ref: 009D5E61
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D5EF0
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D5FFF
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D6016
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D60F6
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D610D
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D611A
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Variant$ClearFreeStringTime$System$File$H_prolog3H_prolog3_InitS_align
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %04hu-%02hu-%02huT%02hu:%02hu:%02huZ$PrepareOnceTriggerAfter_2$System
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 339498875-1905087579
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 532e0d6ec46f179e2d75551a878762280b9840cfbf9955ae6dc3a538e1806302
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8cdae3b2531a285422d32fd8cdd89584f2f8e992526831f4966d2f1745deee61
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 532e0d6ec46f179e2d75551a878762280b9840cfbf9955ae6dc3a538e1806302
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A8122671901229DFDB61DF64CC44BEEB7B6AF49301F0080DAE509AB251DB71AE89CF61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009BD445 Relevance: 30.0, APIs: 16, Strings: 1, Instructions: 263COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009BD44C
                                                                                                                                                                                                                                                                                                                                                                                  • CreateEventW.KERNEL32(00000000,00000001,00000000,00000000,0000003C,009E55C5,00002710,00000010,009E568A,?,00000000,FFFFD8F0,000000FF), ref: 009BD491
                                                                                                                                                                                                                                                                                                                                                                                  • GetTempPathW.KERNEL32(00000104,00000000,00000104,?,00000000,FFFFD8F0,000000FF), ref: 009BD4B8
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?,?,?,00000000,FFFFD8F0,000000FF), ref: 009BD6C9
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateEventH_prolog3_HandlePathTemp
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: AvEmUpdate download
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2557304468-3525673944
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 10778be952122d3e86bff667203a16da597d0a7254fe3c4675b2b7b7ab54f82d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3e507e992ecc323fef744007aed1dce0aa8765e231aab9f5a0bb6f3cb39e61f4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 10778be952122d3e86bff667203a16da597d0a7254fe3c4675b2b7b7ab54f82d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FCA15E70A01209EFDB10DFE5CA88ADEBBF9AF58324F144059F505EB251EB75AD05CB20
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DA468 Relevance: 28.2, APIs: 1, Strings: 15, Instructions: 243COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009DA46F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB0A3: __EH_prolog3.LIBCMT ref: 009CB0AA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is mandatory for node %s$.xml$Empty url or mversion specified in update node$ReadXmlNodeUpdateInfo$confirmation$confirmed$delayed$forced$info_url$mversion$none$outoforder$reboot$update$url
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-3889163667
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1e73f2fad2479784627170b8d9b0bcf292956ec7e25ced4d37d93d2e75442caa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7af0dba6cb68e890cc5fd05baa8c6a488a316fd7629cd7bf507352daafe9a6d6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1e73f2fad2479784627170b8d9b0bcf292956ec7e25ced4d37d93d2e75442caa
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 03919370E4420ADADF04EBA0D952BFEB774BF54351F104429F511A72D2EF749A18CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E16BA Relevance: 26.4, APIs: 11, Strings: 4, Instructions: 185registrylibraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E16C1
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(advapi32.dll,HandleRegistry,?,00000020,009DAD98), ref: 009E16EC
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,RegDeleteKeyExW), ref: 009E16FC
                                                                                                                                                                                                                                                                                                                                                                                  • RegCreateKeyExW.ADVAPI32(?,00000014,00000000,00000000,00000000,000F003F,00000000,00000000,00000000), ref: 009E1791
                                                                                                                                                                                                                                                                                                                                                                                  • RegDeleteKeyW.ADVAPI32(?,00000014), ref: 009E17DA
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,00000014,00000000,000F003F,00000000), ref: 009E180E
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(00000000,?,00000000,00000000,00000000,00000000), ref: 009E1832
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(00000000,?,00000000,00000034,?,00000000), ref: 009E1873
                                                                                                                                                                                                                                                                                                                                                                                  • RegDeleteValueW.ADVAPI32(00000000,?), ref: 009E1894
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(00000000,?,00000000,?,?,?), ref: 009E18AC
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009E18C6
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$DeleteQuery$AddressCloseCreateH_prolog3HandleModuleOpenProc
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: HandleRegistry$R$RegDeleteKeyExW$advapi32.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 871536933-2400378492
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9db3861bec9962f2dc6bdc4f60d6003bc9408aacb7016e6d475df88ebecf22c9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d75397590950251e95d7da3e6f780ff9f60d63620dddb55875e3706f30b00bcb
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9db3861bec9962f2dc6bdc4f60d6003bc9408aacb7016e6d475df88ebecf22c9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6A716D71900786AFDF228FA2CC45FAFBBB9FF45304F040A19E552A2590D775AD44CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E6315 Relevance: 26.3, APIs: 8, Strings: 7, Instructions: 74libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(kernel32.dll,?,?,?,?,009E62B5,?,009C6EB5,?,EvaluateFileCondition,?,000000B8,?,?,?), ref: 009E633B
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,GetSystemWow64DirectoryW), ref: 009E6358
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,IsWow64Process), ref: 009E6362
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,IsWow64Process2), ref: 009E636D
                                                                                                                                                                                                                                                                                                                                                                                  • GetCurrentProcess.KERNEL32(?,?,009E62B5,?,009C6EB5,?,EvaluateFileCondition,?,000000B8,?,?,?), ref: 009E6380
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,Wow64EnableWow64FsRedirection), ref: 009E639A
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,Wow64DisableWow64FsRedirection), ref: 009E63A5
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,Wow64RevertWow64FsRedirection), ref: 009E63B0
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$CurrentHandleModuleProcess
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: GetSystemWow64DirectoryW$IsWow64Process$IsWow64Process2$Wow64DisableWow64FsRedirection$Wow64EnableWow64FsRedirection$Wow64RevertWow64FsRedirection$kernel32.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 977827838-3607082105
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cf13bc20921dbd8ec63fde18f695c4a277ee511a03bbfc99edad8df6d7088364
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d6cc3c5032dfe58d618c3e133e0d3f3d99d8130ab3dedafafb144dc8fc756aa2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cf13bc20921dbd8ec63fde18f695c4a277ee511a03bbfc99edad8df6d7088364
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2F211A70904B01AFC7359F6A9849857FAF8FE64B413049E2EB08AD3640D7B0E9448B64
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D032C Relevance: 24.7, APIs: 13, Strings: 1, Instructions: 175filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_align.LIBCMT ref: 009D0335
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?,?), ref: 009D03FA
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?,?), ref: 009D0405
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?), ref: 009D041B
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(00000000,00000000,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C), ref: 009D043A
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000000,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008), ref: 009D0454
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?,?), ref: 009D0463
                                                                                                                                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000009,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6), ref: 009D047B
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?,?), ref: 009D0488
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?,?), ref: 009D042D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?), ref: 009D04F0
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?), ref: 009D04FC
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,80000000,00000005,00000000,00000003,00000000,00000000,?,00000058,00000008,009C70B6,00000001,?,00A5AC3C,?), ref: 009D0503
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$ErrorLast$CloseCreateHandleView$H_prolog3H_prolog3_alignMappingSizeSleepUnmap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1125774135-655174618
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e9b48ad800a116e481b37fc09b0a7a0834d8c7bb3a3c7caebf7b497cbf276bc2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e1465db28add2443e25f744feb996a007b273109e5ac3297d672226cc0f7b664
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e9b48ad800a116e481b37fc09b0a7a0834d8c7bb3a3c7caebf7b497cbf276bc2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C751AB71C40609AFDF11DFA4DD05BEEBBB9AF89310F258059F901BB290DB756E028B61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D012D Relevance: 24.7, APIs: 13, Strings: 1, Instructions: 170filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_align.LIBCMT ref: 009D0136
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(000000B8,80000000,00000005,00000000,00000003,00000000,00000000,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?), ref: 009D0200
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D020B
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D0221
                                                                                                                                                                                                                                                                                                                                                                                  • GetFileSize.KERNEL32(00000000,00000000,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D023D
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileMappingW.KERNEL32(00000000,00000000,00000002,00000000,00000000,00000000,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C), ref: 009D0257
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D0266
                                                                                                                                                                                                                                                                                                                                                                                  • MapViewOfFile.KERNEL32(00000000,00000004,00000000,00000000,00000009,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?), ref: 009D027E
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D028B
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D0230
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D02F5
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D0301
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,?,00000070,00000008,009C706F,00000001,?,00A5AC3C,?,?,00A5AC3C,?,?), ref: 009D0308
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$ErrorLast$CloseCreateHandleView$H_prolog3H_prolog3_alignMappingSizeSleepUnmap
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1125774135-655174618
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8029abc6a685f9e568a404f474435ddf208f471c05f7325e20a8ea1d5ea13ee1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b0c189e10b45f723c5837798910a1c4e14288c1e39aca1e974ef9738c67ece0c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8029abc6a685f9e568a404f474435ddf208f471c05f7325e20a8ea1d5ea13ee1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5E518B31C40209AFDF11DBA4CD09BEEBBB9AF98310F25801AF911B7291DB756E458B61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C95BA Relevance: 23.2, APIs: 4, Strings: 9, Instructions: 440registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C95C1
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000,EvaluateRegistryValueCondition,000000FF,00000054,80070057,00000000,00A5B940,000000FF,00000000,00A5B940,000000FF,?,?,00000000), ref: 009C9AB4
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB1E0: __EH_prolog3.LIBCMT ref: 009CB1E7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB0A3: __EH_prolog3.LIBCMT ref: 009CB0AA
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(?,?,00000000,00000001,?,?,00A5B940,000000FF,?,00A5B940,000000FF,00000074,00A5B940,000000FF,00000074,00A5B940), ref: 009C999E
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?,(32),(64),00000074,?,00000074,00A5B940,00000490,00000074,EvaluateRegistryValueCondition,000000FF,00000054,80070057,00000000,00A5B940,000000FF), ref: 009C9A93
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$Close$Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: (32)$(64)$EvaluateRegistryValueCondition$Unknown registry value type specified, %s$W$reg_dword$reg_expand_sz$reg_multi_sz$reg_sz
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3715616226-2146582375
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 12eaaef23bf65d6be3ee5bd3d2307153214e0557e57871201b8e5d41c4d0df5e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ecc4f54770f7b303114a5cfc071e773f3f2f9e3a0267fa58f35ffd62158b3479
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 12eaaef23bf65d6be3ee5bd3d2307153214e0557e57871201b8e5d41c4d0df5e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1002AA31D00249EACF04EBA4CA9AFEEBBB8BF54314F14405DE512B71C1EB345A49CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D1BB1 Relevance: 22.9, APIs: 8, Strings: 5, Instructions: 101libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D1BB8
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemDirectoryW.KERNEL32(00000000,00000104), ref: 009D1C07
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009D1C1C
                                                                                                                                                                                                                                                                                                                                                                                  • LoadLibraryW.KERNEL32(00000000,\wintrust.dll), ref: 009D1C39
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,CryptCATAdminAddCatalog), ref: 009D1C54
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(CryptCATAdminAcquireContext), ref: 009D1C66
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(CryptCATAdminReleaseContext), ref: 009D1C78
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(CryptCATAdminReleaseCatalogContext), ref: 009D1C8A
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • CryptCATAdminReleaseCatalogContext, xrefs: 009D1C7A
                                                                                                                                                                                                                                                                                                                                                                                  • CryptCATAdminAddCatalog, xrefs: 009D1C4E
                                                                                                                                                                                                                                                                                                                                                                                  • CryptCATAdminAcquireContext, xrefs: 009D1C56
                                                                                                                                                                                                                                                                                                                                                                                  • \wintrust.dll, xrefs: 009D1C29
                                                                                                                                                                                                                                                                                                                                                                                  • CryptCATAdminReleaseContext, xrefs: 009D1C68
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressProc$DirectoryErrorH_prolog3_LastLibraryLoadSystem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CryptCATAdminAcquireContext$CryptCATAdminAddCatalog$CryptCATAdminReleaseCatalogContext$CryptCATAdminReleaseContext$\wintrust.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 422659908-3990206036
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f3256a2074da0268c2276881eb522493f0fbbd9b7e7d34dc516c53f304728af7
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 11357157727f3cebbc5ca2e3cd4d94c089596037cf96cee791699553512a5148
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f3256a2074da0268c2276881eb522493f0fbbd9b7e7d34dc516c53f304728af7
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 08419E75A80305ABDB14DFE4DD05BED7BF9FB08351F14841AF405BA6A0DB349986DB20
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D2224 Relevance: 21.3, APIs: 10, Strings: 2, Instructions: 276libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D222B
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(kernel32.dll,?,0000002C), ref: 009D226B
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 009D2272
                                                                                                                                                                                                                                                                                                                                                                                  • K32EnumProcesses.KERNEL32(00000000,00000400,?,?,?,0000002C), ref: 009D22C6
                                                                                                                                                                                                                                                                                                                                                                                  • OpenProcess.KERNEL32(00000411,00000000,00000000,?,0000002C), ref: 009D2329
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressEnumH_prolog3HandleModuleOpenProcProcessProcesses
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SeDebugPrivilege$kernel32.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 103052862-1993400412
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1475dc0f779fa47c7d0d60c919ec113fa865e1c00d2ae6e73d9ebf117f7f7b9e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c4c18bda136320b00479abdcffa3c4a03958cad481837f7b587187b1c4f5275c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1475dc0f779fa47c7d0d60c919ec113fa865e1c00d2ae6e73d9ebf117f7f7b9e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DCA1C171900209EFDF04EFA4DD45BEEBBB9AF54320F10812AF915A72D0DB749A45CBA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CAA50 Relevance: 19.6, APIs: 1, Strings: 10, Instructions: 382COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CAA57
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Condition %s=%s is %s$Condition attribute %s is not implemented!$EvaluateComponentCondition$EvaluateXmlNodeCondition$W$and$false$operation_c$operator_c$true
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-834319042
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 2da9c88344a65c6d905aa077114cadc01e67f11fc6f4d26a383527470dc63b73
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 010ab3c79a7f98839cce8275c43b48e4e3e55b69a24f22722db0d7591a839380
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 2da9c88344a65c6d905aa077114cadc01e67f11fc6f4d26a383527470dc63b73
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 76E16970D0020E9BDF14EBA0DA56FEEB779AF98704F60049DA506671D1EF785A08CB63
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DFA49 Relevance: 17.7, APIs: 1, Strings: 9, Instructions: 189COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is empty$%s attribute is mandatory for notify node$ApplyXmlNotifyUpdate$Invalid flag %s$Processing notify node: %s$flags$notify$reboot$url
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-2074012854
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 5a78eccad365019c7f197f2020fd51891f4691718a51bb79052195e866467cfc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 778aabe1e184305452e33dd70b530f48fd13c0cc69d6c6931f3721f3bc28b7a1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 5a78eccad365019c7f197f2020fd51891f4691718a51bb79052195e866467cfc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AB618070D4020D9ADF04EBA4DA62BFEB774BF54310F14846AF512A72D2EF745A09CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CD399 Relevance: 17.7, APIs: 8, Strings: 2, Instructions: 155filesleepCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009CD3A0
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(00000000,80000000,00000005,00000000,00000003,00000080,00000000,CopyFileOrBufferToResource,?,00000030,009E5357,?), ref: 009CD43F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD44A
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009CD460
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD472
                                                                                                                                                                                                                                                                                                                                                                                  • ReadFile.KERNEL32(000000FF,00000000,00000000,00000000,?,00000030,009E5357,?), ref: 009CD4C3
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009CD546
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 009CD55F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$File$CloseCreateH_prolog3HandleReadSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CopyFileOrBufferToResource$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2247465726-2555685857
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 030d75a0f43b61f1bb03ababb7437fd2719f50052d3dbe915ed0b7a17cb10b30
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 46a58e73a4a364305ddb07ab5bcdd092104ded91c7775fdb5f9d0d4df6c879f8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 030d75a0f43b61f1bb03ababb7437fd2719f50052d3dbe915ed0b7a17cb10b30
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F8516971D0121A9BDB24DFA8DC48BAEB7B8FB48714F10852DF510B72A0D7749A45CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E04E2 Relevance: 17.6, APIs: 1, Strings: 9, Instructions: 131COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ApplyXmlStopUpdate$Invalid flag %s$Processing stop node$W$error$flags$others$stop$this
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-609158399
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b2bb4b3855ab1c147ae4bf1d056aeb4b825463004735ecdec8e74faf768cf285
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 86ab9a30ceee419b7962790bfc2fb98b191212e843a99b126932382bb4c5a1d1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b2bb4b3855ab1c147ae4bf1d056aeb4b825463004735ecdec8e74faf768cf285
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B041B370D012499FCF05EBA4DA02BEE7774AFA4714F140529F801B72C2EAB45F44CBA6
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E227A Relevance: 16.6, APIs: 11, Instructions: 108sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E2281
                                                                                                                                                                                                                                                                                                                                                                                  • RemoveDirectoryW.KERNEL32(?,?,00000028,009DAFFD), ref: 009E22D8
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(?,?,00000028,009DAFFD), ref: 009E22FF
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000028,009DAFFD), ref: 009E2307
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,00000028,009DAFFD), ref: 009E2320
                                                                                                                                                                                                                                                                                                                                                                                  • MoveFileW.KERNEL32(?,?), ref: 009E2344
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000028,009DAFFD), ref: 009E234C
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8,?,00000028,009DAFFD), ref: 009E2365
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFEAC: __EH_prolog3.LIBCMT ref: 009CFEB3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFEAC: GetFileAttributesW.KERNELBASE(?,?,00000024,009C6FC9,?,00A5AC3C,?,?,?,EvaluateFileCondition,?,000000B8,?,?,?), ref: 009CFEC8
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: File$ErrorH_prolog3LastSleep$AttributesDeleteDirectoryMoveRemove
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 385390972-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1baf210cb885ca0185101ac1de0f737238143366b26c3ac7d203cfc0658a2a31
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f2a5cfc3a633298c1797c3eddfa85082ec7b3784040d074a5948ddb87a7a5d79
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1baf210cb885ca0185101ac1de0f737238143366b26c3ac7d203cfc0658a2a31
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B41AF31A002408FCF36DFA6D899B687769AF65B10F255698F8029F2A2C735DC86CF01
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C78DA Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 245COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ARM64$EvaluateOsCondition$W$X64$X86$sha256drv$srv$wks
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-2313915850
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 722b1e3322327875013de745689744a78b4041bd8ffcaba8543e6d2bfb545425
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 69d175f1e20cbc0ac6e58b9867258929b68af0666050d3f9c7cc9aeee77e70ac
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 722b1e3322327875013de745689744a78b4041bd8ffcaba8543e6d2bfb545425
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E4B18CB1D442699BDB24DF94DC46B9DBBB4BB24305F1085ADE80977342E7B00E89CF52
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D9C9D Relevance: 16.0, APIs: 1, Strings: 8, Instructions: 231COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: GetUpdatesInfo$MicroUpdate available for product %s: version:%u$Missing version attribute in a root element, ignoring$W$aswmicroupdates$invalid$obsolete$version
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-3646211349
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: afa3ac50f7c64d9a0f837dae8f45d79b7a1c22f7b6d313637f83c4bdb94c3ee5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d8af0cee31cc6f813f1199d753cce9c885d923506fd7ba299a38f0a74792bee3
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: afa3ac50f7c64d9a0f837dae8f45d79b7a1c22f7b6d313637f83c4bdb94c3ee5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 60918370D002099FDB15EFA4C985AEEB7F8BF48314F14C46AE416AB391DB349E45CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C8125 Relevance: 15.9, APIs: 7, Strings: 2, Instructions: 136timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009C812C
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTime.KERNEL32(00000074,0000005C,009CAD66,?), ref: 009C8202
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(009BBB8C,?), ref: 009C8216
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009C821C
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(00000074,?), ref: 009C822F
                                                                                                                                                                                                                                                                                                                                                                                  • __aullrem.LIBCMT ref: 009C826C
                                                                                                                                                                                                                                                                                                                                                                                  • __aulldiv.LIBCMT ref: 009C8285
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Time$System$File$ErrorH_prolog3_Last__aulldiv__aullrem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateTimeSpanCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3545074414-790226147
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1bd67d13ed5fec91b733327f4cd34f1c13071d19b4dec9eb832a145dc7572f65
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2296c1c6ae3b4ee5e8ddae6997fbbbbe6b967259149e8482d61cfbe5c1363c2b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1bd67d13ed5fec91b733327f4cd34f1c13071d19b4dec9eb832a145dc7572f65
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5E5119B2D00218EFDB11DBD4DD84EEFB7B9BB08345F14052AE512A7151DB34AA4ACB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CD290 Relevance: 15.8, APIs: 1, Strings: 8, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %hs START$GetSourceType$burger://$file://$ftp://$gopher://$http://$https://
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-872633010
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ffd4cfa41fd01d232d3944140271399c1f858570a3941217d6e5c29d959e4261
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 032b91a1ac459606b68e6f0525e1459b46d83cc5e6eb959edacd0cda85e5147c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ffd4cfa41fd01d232d3944140271399c1f858570a3941217d6e5c29d959e4261
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BB21F261E81361BBE32032244D03F7F6668AB55F78F19043EFD04AA1C7FAA48B459197
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E23D6 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 86registrylibraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(advapi32.dll), ref: 009E23E5
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,RegDeleteKeyExW), ref: 009E23F5
                                                                                                                                                                                                                                                                                                                                                                                  • RegDeleteKeyW.ADVAPI32(?,?), ref: 009E2454
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009E24AF
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressCloseDeleteHandleModuleProc
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: RegDeleteKeyExW$advapi32.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1060142889-4033151799
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 068e96d9cf6cc4e35a4a0f2c0b7c1c925e10295b833058305270692eed5259c0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1aeb08c3d62844c6ee8a7311ddce56de47b51dfe003e4ce9eeed5598d7ce7e91
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 068e96d9cf6cc4e35a4a0f2c0b7c1c925e10295b833058305270692eed5259c0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 49315871600280AFEB2ACFA2DC89FA67B6DFB49310F158098E1055B1F1E778ED45DB50
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A103E7 Relevance: 14.5, APIs: 1, Strings: 7, Instructions: 487COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: :$f$f$f$p$p$p
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3732870572-1434680307
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: aff5657179a09ee94d354b651882a5337cbc2859b55e4f2f9efe2dfda081f097
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: dc5be3d13b925f84e27fc99268d28eb37a97a35a8ee0f856b0e325da86d64d38
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: aff5657179a09ee94d354b651882a5337cbc2859b55e4f2f9efe2dfda081f097
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A602AE799011089AEF308FA6D468EEEB7B6FF40B14FA48115E455BB281D7B09EC4CF58
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D6B96 Relevance: 14.3, APIs: 5, Strings: 3, Instructions: 305COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS_align.LIBCMT ref: 009D6BA2
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D6D7C
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(00000000), ref: 009D6DDC
                                                                                                                                                                                                                                                                                                                                                                                  • SysStringLen.OLEAUT32(?), ref: 009D6DFB
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D6F7D
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: String$Free$ClearH_prolog3_S_alignVariant
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: AswUpdate_$DeleteAlreadyExecutedRestartJobs_2$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 905129981-3369918620
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 14d0e45d309213c4944a90758ef229031fc099d20b695de397fbd9542968c0fc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6cccef530f00ba69002d2fd249454da2d16ad85e205dd2a5b1bc5662a69be234
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 14d0e45d309213c4944a90758ef229031fc099d20b695de397fbd9542968c0fc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3BD1E171900629DFDB25CF68DC48BEEBBB5AF49305F1080D9E409AB261DB719E84CF91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DEA6C Relevance: 14.2, APIs: 1, Strings: 7, Instructions: 164COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %u $ApplyXmlVersionUpdate$Processing version node$auto$list too long$update$version
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-333802449
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 798551acc8ff7e2af89dde9be45ef0a25a691f29a0dd23622051dd2f13c40adc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ba2812f4593e25a961d611404d9ceba2cc1b26b5c439d758713f751a28c89c79
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 798551acc8ff7e2af89dde9be45ef0a25a691f29a0dd23622051dd2f13c40adc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C0519F70D002099FDF19EBA4DA42BEEBBB4BF54311F14845EE411BB2C2DB759A05CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E460F Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 133sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: __EH_prolog3_GS.LIBCMT ref: 009CEEBA
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidCreate.RPCRT4(?), ref: 009CEF14
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: UuidToStringW.RPCRT4(?,00000000), ref: 009CEF2D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: GetTickCount.KERNEL32 ref: 009CEF4A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CEEB3: RpcStringFreeW.RPCRT4(00000000), ref: 009CEFA3
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009E46CF
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1F7F: __EH_prolog3_catch.LIBCMT ref: 009D1F86
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009E4710
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(00000000,ApplyUpdate,00000000,00000024,009E3CD4,ApplyUpdates,00000000,00000010,009BBBCA), ref: 009E47B2
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E47BA
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009E47D3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFCA5: __EH_prolog3.LIBCMT ref: 009CFCAC
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFCA5: CreateDirectoryW.KERNELBASE(?,00000000,?,?,00000010,009CCFEE), ref: 009CFD39
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CFCA5: GetLastError.KERNEL32(?,?,00000010,009CCFEE), ref: 009CFD47
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseCreateErrorHandleLastStringUuid$CountDeleteDirectoryFileFreeH_prolog3H_prolog3_H_prolog3_catchSleepTick
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: R$Update mver:%u file:%s has broken signature$\update.xml
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2265301625-2183282063
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ea7852933bef2d6536179dc1a139780b6d41871a3e0ca89344901d43eb5e1d2c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 55f4387f3670b88419c4d870c1d56278f4239f1b3a93cbf59ee774d4ea991064
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ea7852933bef2d6536179dc1a139780b6d41871a3e0ca89344901d43eb5e1d2c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: ED51CC30D0028ADBDF16EBE5CA85BEEBBB5AF45314F244068E401772D1DB365E44CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E068F Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 122COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is mandatory for define node$ApplyXmlDefineUpdate$Define(%s) is already defined$Processing define node$W$define$name
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-1879767275
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c18018079f03f9f0387b78a10ef4c88f4476b5cbd89e48f97e7496b269208b03
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: da911c0cd6763ade763776948f607d2c558e6e304c7c343d8a0bb30edec6f212
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c18018079f03f9f0387b78a10ef4c88f4476b5cbd89e48f97e7496b269208b03
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: FC41CF31D00109ABCF05EBA0D952BEEB7B9BF84314F14406DF512A72C2DB756E46CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E080E Relevance: 14.1, APIs: 1, Strings: 7, Instructions: 118COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s attribute is mandatory for call node$ApplyXmlCallUpdate$Call(%s) is not defined$Processing call node$W$call$name
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-2425959492
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e213ec7be081ac0b5ce9609aeb1de29f1dea648e3c131f1cd4183a1fc35c5cf6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2c2e749a4d192f95e3975ffc303063da359699cfd8ce74ea951bd743f6058cbe
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e213ec7be081ac0b5ce9609aeb1de29f1dea648e3c131f1cd4183a1fc35c5cf6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0C419E31D002099BDF05EBA0DA52BFEB379AF44314F144469F512672D2DF746E49CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E1900 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 116registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E1907
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(00000000,00000100,?,HandleVersions,?,00000024,009DAE37), ref: 009E1949
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,00000000,00000004,00A724F4,00000004), ref: 009E1996
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,00000000,00000004,00A724F8,00000004), ref: 009E19D3
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009E1A4B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$CloseH_prolog3Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: HandleVersions$MicroUpdates$Unable to open product registry key gle=%u
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 188948663-263331911
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 800f437309b197190d9979c3f79bda34036dc3ef6347774c92fa0fc2b95ea51f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 18dd89f8c8f1cbe337cf01b76f1a28d2f94a88079af71544445b1aa5c7d7c555
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 800f437309b197190d9979c3f79bda34036dc3ef6347774c92fa0fc2b95ea51f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 10418E71D00345AFDB21CFA5ED85FAEBBB5FB88310F104029E645A7291D734AE46CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CFA8A Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 77registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • WTSEnumerateSessionsW.WTSAPI32(00000000,00000000,00000001,?,?), ref: 009CFABB
                                                                                                                                                                                                                                                                                                                                                                                  • WTSFreeMemory.WTSAPI32(00000000), ref: 009CFB49
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetCurrentThread.KERNEL32 ref: 009D1D39
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: OpenThreadToken.ADVAPI32(00000000,00000020,00000001,00000000), ref: 009D1D54
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D60
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: ImpersonateSelf.ADVAPI32(00000002), ref: 009D1D6B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D75
                                                                                                                                                                                                                                                                                                                                                                                  • WTSQueryUserToken.WTSAPI32(00000000,?), ref: 009CFAEC
                                                                                                                                                                                                                                                                                                                                                                                  • ImpersonateLoggedOnUser.ADVAPI32(?), ref: 009CFAF9
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenCurrentUser.ADVAPI32(000F003F,?), ref: 009CFB0C
                                                                                                                                                                                                                                                                                                                                                                                  • RevertToSelf.ADVAPI32 ref: 009CFB1D
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009CFB26
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: User$CurrentErrorImpersonateLastOpenSelfThreadToken$CloseEnumerateFreeHandleLoggedMemoryQueryRevertSessions
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: SeTcbPrivilege
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1438319228-1502394177
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 9307cb2fa152cf5dd11f71d3ff3c8cf83d382f22374ae2670dec31f00fe21661
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 656ee828594d0d142f7200189170b793ab44daeffc452e980a704b4394b86c31
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 9307cb2fa152cf5dd11f71d3ff3c8cf83d382f22374ae2670dec31f00fe21661
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 84217C71E00118EBDF24DBE4EC58FAEBBBDEF48700F20416AA405E6150DB70AE06CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E4820 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 74registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E4827
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(00000000,00000100,?,ReloadVersions,00000009,0000001C,009E422C), ref: 009E4864
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009E486E
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,00000000,00000000,00000000,00000000), ref: 009E48A2
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,00000000,00000000,00000000,00000000), ref: 009E48CB
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009E48E7
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • ReloadVersions, xrefs: 009E4832
                                                                                                                                                                                                                                                                                                                                                                                  • Cannot open product registry key, gle=%u, xrefs: 009E4875
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: QueryValue$CloseErrorH_prolog3LastOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Cannot open product registry key, gle=%u$ReloadVersions
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2545126296-606282052
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 329b18fce0936bb6f6b29d3ac690af8bf861dcf0d5c05ae8f3eda86192364c43
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 00c14664f9565d3364802fd3efc1b50f9f8bf9fd556bfa5e0e995779c01fdf5a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 329b18fce0936bb6f6b29d3ac690af8bf861dcf0d5c05ae8f3eda86192364c43
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 492107B1D0025AAFEB15DFE1DD45EAFBBB8FB48350F00412AF915A22A0D7345942DF60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B8980 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 68registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009B8987
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ccleaner.exe,00000000,00020119,?,0000003C,009B8B91), ref: 009B89C7
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(80000002,SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ccleaner.exe,00000000,00020219,?), ref: 009B89E5
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(00000000,Path,00000000,?,?,00000208), ref: 009B8A20
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009B8A29
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Open$CloseH_prolog3_QueryValue
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: C:\Program Files\CCleaner$Path$SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\ccleaner.exe
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3995703345-2256143087
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 430fa2d33609fb3747719874792b0f182d11a6eb651f378992ad1096dde4b253
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 049924830ff87e41914da78439ca6079a18b90c3f03e56e014ba83265ec42e05
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 430fa2d33609fb3747719874792b0f182d11a6eb651f378992ad1096dde4b253
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DF21E771D4021CEEDB05EFE4EE89BEDBAB8FB18715F504019F601B6192DBB45A49CB10
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CF2EA Relevance: 12.7, APIs: 5, Strings: 2, Instructions: 440COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009CF2F4
                                                                                                                                                                                                                                                                                                                                                                                  • ExpandEnvironmentStringsW.KERNEL32(?,00000000,00000000), ref: 009CF55E
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00000000,00000000), ref: 009CF56E
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: EnvironmentErrorExpandH_prolog3_LastStrings
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: [cabdir:${cabdir:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 458066190-2395424952
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0ad01d1bac316374397c724052060c74b777273ce987d588f281242685506728
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9547246df2d576595ea83f1b332120eb6a717821553d46d836f0659e57b7ad8c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0ad01d1bac316374397c724052060c74b777273ce987d588f281242685506728
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 23225471C002689ADB24DF64CD99BECBBB5AF55318F1081E9E5096B2A1EB741F88CF41
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CE930 Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 160COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,00000000,00000104,00000104,/emupdater,11C5A2E7), ref: 009CEA7F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CDE8A: __EH_prolog3.LIBCMT ref: 009CDE91
                                                                                                                                                                                                                                                                                                                                                                                  • SetConsoleCtrlHandler.KERNEL32(009CE653,00000000,11C5A2E7), ref: 009CEACB
                                                                                                                                                                                                                                                                                                                                                                                  • FreeConsole.KERNEL32 ref: 009CEAD1
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,11C5A2E7), ref: 009CEAE3
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009B956C: __EH_prolog3.LIBCMT ref: 009B9573
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ConsoleH_prolog3$CloseCtrlFileFreeHandleHandlerModuleName
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: /debug$/debugdbgout$/emupdater
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1054452299-472114437
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7795c6f1d1bc603d5c2dc7074f6fd1299389a810500ce341191f92e7430183e2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e095282ba84e5c27d415eb4af6a475472d48c18bba501d1c15d0f4f0fd5c00a6
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7795c6f1d1bc603d5c2dc7074f6fd1299389a810500ce341191f92e7430183e2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9161D430D01289DFDB05DBA8CA99BEEBBB9FF51314F14845CE112672D1DB756A08CB22
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C71CE Relevance: 12.4, APIs: 4, Strings: 3, Instructions: 159registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C71D5
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000,00000000,?,?,?,009CACED,?,00000000,?,?,?,?,?,?,00000074,00000000), ref: 009C7319
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(00000000,009BBB8C,00000000,00020019,00000000,00000000,?,?,?,009CACED,?,00000000), ref: 009C7369
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000,?,?,?,009CACED,?,00000000,?,?,?,?,?,?,00000074,00000000,?), ref: 009C7383
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Close$H_prolog3Open
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: (32)$(64)$EvaluateRegistryCondition
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 590689405-3594427413
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4297a28d74533b47dde9f46c4dcd68131153c37cb86dc6ba1ecd5e788f8197b4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 5aeb16934fb6686ece30d8f41c4f823f036017be7abed95c9a247923af4f31c2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4297a28d74533b47dde9f46c4dcd68131153c37cb86dc6ba1ecd5e788f8197b4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: BC51FF71D082198BCB15DBE8D941FEEFBB8AF18310F24402DE905B7282E7741E45CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E1A68 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 105COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E1A6F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetCurrentThread.KERNEL32 ref: 009D1D39
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: OpenThreadToken.ADVAPI32(00000000,00000020,00000001,00000000), ref: 009D1D54
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D60
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: ImpersonateSelf.ADVAPI32(00000002), ref: 009D1D6B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1D1B: GetLastError.KERNEL32 ref: 009D1D75
                                                                                                                                                                                                                                                                                                                                                                                  • WTSEnumerateSessionsW.WTSAPI32(00000000,00000000,00000001,00000000,?,HandleExecutes,?,00000020,009DADE9), ref: 009E1ADE
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(?), ref: 009E1B27
                                                                                                                                                                                                                                                                                                                                                                                  • WTSQueryUserToken.WTSAPI32(00000000,?), ref: 009E1B02
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: __EH_prolog3.LIBCMT ref: 009D1DF1
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: CreateProcessW.KERNEL32(?,00000000,00000000,00000000,00000000,00000000,00000000,00000000,?,?), ref: 009D1E8B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: GetLastError.KERNEL32(?,00000000,00000000,00000000,00000000,00000008,00000000,00000000,?,?), ref: 009D1ED6
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: DestroyEnvironmentBlock.USERENV(00000000,?,00000000,00000000,00000000,00000000,00000008,00000000,00000000,?,?), ref: 009D1F46
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: CloseHandle.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000008,00000000,00000000,?,?), ref: 009D1F5B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D1DEA: CloseHandle.KERNEL32(00000000,?,00000000,00000000,00000000,00000000,00000008,00000000,00000000,?,?), ref: 009D1F66
                                                                                                                                                                                                                                                                                                                                                                                  • WTSFreeMemory.WTSAPI32(00000000), ref: 009E1B46
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseErrorHandleLast$H_prolog3ThreadToken$BlockCreateCurrentDestroyEnumerateEnvironmentFreeImpersonateMemoryOpenProcessQuerySelfSessionsUser
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: HandleExecutes$SeTcbPrivilege
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2219471596-3104995575
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1d9c6206fbc71a6ebade00c979f430b6e29ae37bc6f6b97a08912b182af896e4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 814286a379836fddd2896e46a837f177e7cfcecabc2371a377b6d233b62f3c3d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1d9c6206fbc71a6ebade00c979f430b6e29ae37bc6f6b97a08912b182af896e4
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D841BF7090024AAFDB26DF95DC84BBFFBB9EF44300F14451AE451A7291E770AE45CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DA87D Relevance: 12.4, APIs: 2, Strings: 5, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetFullPathNameW.KERNEL32(?,00000104,?,00000000), ref: 009DA89A
                                                                                                                                                                                                                                                                                                                                                                                  • std::generic_category.LIBCPMTD ref: 009DB0EA
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FullNamePathstd::generic_category
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: W$XML is not valid: "%hs" error:%u, file offset:%u$Yl$}r$q
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1986498866-3772347238
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bf8ff26681f1358ae7a5ebb8df8d094ac208677b2da497aebaf9f2b093de5d3f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 014f11d8252a158057103a4d5ac3eb6de61263da5ff1ffb072f445a02306c3d2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bf8ff26681f1358ae7a5ebb8df8d094ac208677b2da497aebaf9f2b093de5d3f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5D417B30980259DBDF26EB60CD95BEDB378AF54300F1081D9E409A7291EB742F86CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C6968 Relevance: 12.2, APIs: 8, Instructions: 223COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009C696F
                                                                                                                                                                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,00000238,000000FF,00000000,00000104,00000000,00000000,?,00000011,?,00000011,?,?,0000002C,009E4506), ref: 009C6ACB
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,0000002C,009E4506,?,?,ApplyCabUpdate,?,00000238,009E4796,?,00000000,00000010,009BBBCA), ref: 009C6AD7
                                                                                                                                                                                                                                                                                                                                                                                  • WideCharToMultiByte.KERNEL32(0000FDE9,00000000,009E4796,000000FF,00000000,00000104,00000000,00000000,00000000,?,?,0000002C,009E4506,?,?,ApplyCabUpdate), ref: 009C6B1C
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,0000002C,009E4506,?,?,ApplyCabUpdate,?,00000238,009E4796,?,00000000,00000010,009BBBCA), ref: 009C6B22
                                                                                                                                                                                                                                                                                                                                                                                  • #20.CABINET(Function_000166C0,Function_000166D0,009C66D5,Function_000167C0,Function_000167EB,Function_00016816,Function_0001682B,000000FF,?,00000000,?,?,0000002C,009E4506), ref: 009C6B6A
                                                                                                                                                                                                                                                                                                                                                                                  • #22.CABINET(00000000,00000000,?,00000000,009C6841,00000000,009BBBCA,?,?,?,?,?,?,?,009E4796), ref: 009C6B90
                                                                                                                                                                                                                                                                                                                                                                                  • #23.CABINET(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,009E4796), ref: 009C6BA1
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ByteCharErrorLastMultiWide$H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 885011042-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b4d572daf71d4b72151881dafe0f0f56e52c210dbd74e75e4c5766d5d66082c5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f83b44c09f552271ad06968e50b88d6516f5382d79608e8b2fb2fe4f28215fa1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b4d572daf71d4b72151881dafe0f0f56e52c210dbd74e75e4c5766d5d66082c5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0781BE72D04109AEDF04EBA4CE96FEEB7B9AF54324F24415CF112B71D2EA656E04C722
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C8560 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 339COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateOperationCondition$InstallerPhase2$Registering second phase update %u, folder: %s$W$[%u]%s
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-291019915
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d24cdd61b115a886a08fe3fc2f6071878792e7fb00bd12aebba62dcee4d7db79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 407f1a8e25938f18dd994af2761e99dbc355e9b777ad19674b8f0fb8498d555e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d24cdd61b115a886a08fe3fc2f6071878792e7fb00bd12aebba62dcee4d7db79
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C7E15C71C00248DFDB15DF94D955FEEBBB8AF04304F2484ADE111AB292DB759E48CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A099F7 Relevance: 10.8, APIs: 3, Strings: 3, Instructions: 303COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___TypeMatch.LIBVCRUNTIME ref: 00A09C24
                                                                                                                                                                                                                                                                                                                                                                                  • _UnwindNestedFrames.LIBCMT ref: 00A09D76
                                                                                                                                                                                                                                                                                                                                                                                  • CallUnexpected.LIBVCRUNTIME ref: 00A09D91
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CallFramesMatchNestedTypeUnexpectedUnwind
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3456342781-393685449
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ad7748b440a2617929c17390b36b9e1d70bdaec401b09e1f23e00f5d04f1f893
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 01c2e3a694476e76c6575ebe1add59bc8d6c6f957b9140a007f7610d13428793
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ad7748b440a2617929c17390b36b9e1d70bdaec401b09e1f23e00f5d04f1f893
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 88B15671C0020DAFCF29EFA4E9819AFBBB5FF19310F14415AE8156B292D731DA91CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D47B5 Relevance: 10.8, APIs: 5, Strings: 1, Instructions: 301timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D47BF
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,?,00000104,?,RegisterJob_1,?,RegisterJob_1,?), ref: 009D48B7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLocalTime.KERNEL32(?), ref: 009D49C9
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(?,?), ref: 009D49ED
                                                                                                                                                                                                                                                                                                                                                                                  • FileTimeToSystemTime.KERNEL32(?,?), ref: 009D4A39
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Time$File$System$H_prolog3_LocalModuleName
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: RegisterJob_1
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2400449468-2864063745
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 44a8a31e04330db2712b69b1589a64706e64e1268ef4b801e5f9485ba3b4a78a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1ab451554793944629507b7e22ea2017c61b9a85b4c4e7e0362d7f62094fab4d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 44a8a31e04330db2712b69b1589a64706e64e1268ef4b801e5f9485ba3b4a78a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 97D107759142299FDB65DB64CC48BAAB7B8BF88305F0081EAE40DE7250DB759F85CF10
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D1603 Relevance: 10.7, APIs: 5, Strings: 1, Instructions: 165registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(00000000,00000100,?), ref: 009D164D
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,PendingFileDeleteOperations,00000000,?,00000000,?), ref: 009D1680
                                                                                                                                                                                                                                                                                                                                                                                  • RegQueryValueExW.ADVAPI32(?,PendingFileDeleteOperations,00000000,00000007,00000000,?), ref: 009D16CE
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,PendingFileDeleteOperations,00000000,00000007,00000000,?), ref: 009D177F
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(00000000), ref: 009D179B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$Query$CloseOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: PendingFileDeleteOperations
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 97533537-1189029018
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 32c0e1aa162cf688755fa523733539f747bfb9fb05d2d50581f8fb03b5048536
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fbd5f145ec9309c419067bf13b305e69bad336454b2ad187ab2f5c9f4ec433a3
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 32c0e1aa162cf688755fa523733539f747bfb9fb05d2d50581f8fb03b5048536
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 00519EB7E40209BFDB14DBA8DD41ABE77BDEF88314B158466E805E7350E630AE458B50
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A073F0 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00A07427
                                                                                                                                                                                                                                                                                                                                                                                  • ___except_validate_context_record.LIBVCRUNTIME ref: 00A0742F
                                                                                                                                                                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00A074B8
                                                                                                                                                                                                                                                                                                                                                                                  • __IsNonwritableInCurrentImage.LIBCMT ref: 00A074E3
                                                                                                                                                                                                                                                                                                                                                                                  • _ValidateLocalCookies.LIBCMT ref: 00A07538
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: csm
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 377884fc7fa952150ced4a5ab35d30349ff4cede35287a1a53cb0674405c7b1b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 84a2deb18971a1c05a203a1c209fa74d5ae3bcc89c7809ce33792051102aa68d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 377884fc7fa952150ced4a5ab35d30349ff4cede35287a1a53cb0674405c7b1b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1E419234E0421CABCF10DF68E885A9EBFB5BF45314F148155E9185B3D2D732BA01CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C9B60 Relevance: 10.6, APIs: 1, Strings: 5, Instructions: 115COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateGdprCondition$ShareData1stParty$ShareData3rdParty$ShowOffers1stParty$ShowOffers3rdParty
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-3232831358
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4fc08a30e15cc2fa394376dd46ecf0a9f0f759de9c90c183a3319d95863dcf54
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f6f2aa78eb2483d18423407c5fb23f1e23346c942805864aa6b7d2799e6d5b97
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4fc08a30e15cc2fa394376dd46ecf0a9f0f759de9c90c183a3319d95863dcf54
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5F41BE31D5421A9FDB18DBA8D942FAE77B0FB11320F20041EE456BB2D1EB319E44D7A2
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A22A03 Relevance: 10.6, APIs: 4, Strings: 2, Instructions: 74COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,?,00A22B10,11C5A2E7,00000008,?,00000000,?,?,00A22D26,00000021,FlsSetValue,00A5614C,CONIN$,?), ref: 00A22AC4
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeLibrary
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: api-ms-$ext-ms-
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3664257935-537541572
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f365ea0826d9fa6ecc38267640a2ba60892cf750918d0a3f2a804ca5aed45dd9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f08bb8ac13916ce2942d097d4b45fcbc38076d3dc309c12e2dafb026a5d58588
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f365ea0826d9fa6ecc38267640a2ba60892cf750918d0a3f2a804ca5aed45dd9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1621D232A41221BBC731DBA8BC45B6A3768EB517A1F650234FE06A7691EA30ED01C7D0
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A2474E Relevance: 9.3, APIs: 6, Instructions: 264COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __allrem.LIBCMT ref: 00A248D6
                                                                                                                                                                                                                                                                                                                                                                                  • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00A248F2
                                                                                                                                                                                                                                                                                                                                                                                  • __allrem.LIBCMT ref: 00A24909
                                                                                                                                                                                                                                                                                                                                                                                  • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00A24927
                                                                                                                                                                                                                                                                                                                                                                                  • __allrem.LIBCMT ref: 00A2493E
                                                                                                                                                                                                                                                                                                                                                                                  • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00A2495C
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Unothrow_t@std@@@__allrem__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1992179935-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 28024c7b8e07c0bfc21ffb037fdfb362de09123755b90d72e2990c67511285c7
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ec947e91e576a9401081cf3b20f8ab8c359fbc9a52e67d3af0149c86954cc211
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 28024c7b8e07c0bfc21ffb037fdfb362de09123755b90d72e2990c67511285c7
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 33812872A00B269BE720EF2DED81B6BB3E9AF49720F24463AF551D76C1E770D9408750
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A096C0 Relevance: 9.1, APIs: 6, Instructions: 60COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?,00A096B7,00A076ED,00A05A23,11C5A2E7,?,?,?,00000000,00A33D04,000000FF,?,009F6ED4,?), ref: 00A096CE
                                                                                                                                                                                                                                                                                                                                                                                  • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 00A096DC
                                                                                                                                                                                                                                                                                                                                                                                  • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 00A096F5
                                                                                                                                                                                                                                                                                                                                                                                  • SetLastError.KERNEL32(00000000,?,00A096B7,00A076ED,00A05A23,11C5A2E7,?,?,?,00000000,00A33D04,000000FF,?,009F6ED4,?), ref: 00A09747
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLastValue___vcrt_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3852720340-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ad79237dc554d7c4ce402733711f8687284a0ff0bf731ac1f1845e66984b8954
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 0ae4271ea3a3d5416bcbbdc98fb08ab834737ed9557b924928b775560f59404d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ad79237dc554d7c4ce402733711f8687284a0ff0bf731ac1f1845e66984b8954
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: CC01F73361871D9EEB242FF5BC855672AA8EB133B4720033DF714550F2EF924C029281
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D305E Relevance: 9.0, APIs: 6, Instructions: 44fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(?,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D3079
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(009E4796,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D308D
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000010,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D3098
                                                                                                                                                                                                                                                                                                                                                                                  • UnmapViewOfFile.KERNEL32(00000000,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D309F
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000238,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D30AD
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(00000000,00A67730,00000054,009DD1EB,?,?,?,?,dst_md5,?,src,?,srcurl), ref: 009D30B8
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CloseHandle$FileUnmapView
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 260491571-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a326794364575f499cd69824b51a643dec048c47912c62ea5903a9e17f42154a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 93e7bd349f922eb836f3b7036ba02ea02a388be89854a63c5d6c96466b18722f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a326794364575f499cd69824b51a643dec048c47912c62ea5903a9e17f42154a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9201CC75A403159BDB20DBA9EC4499DB7BCBF58721B148616E821F3390D774ED018A61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D7041 Relevance: 9.0, APIs: 2, Strings: 3, Instructions: 275COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: AswUpdate_$RegisterRestartJob_1$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-166124985
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 821677d0a6ab7945704ce2ba11f9228cd1121e2db7bce28fa9b2aeacaf924b35
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 760696a799f61be3abaada572a23fee40cd70aededcf137cea27037031863b91
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 821677d0a6ab7945704ce2ba11f9228cd1121e2db7bce28fa9b2aeacaf924b35
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 44C1E870914259EFDB25DBA4CC48B9DB7B8BF48304F0485EAE419AB251EB719F84DF10
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D663E Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 245COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D6645
                                                                                                                                                                                                                                                                                                                                                                                  • VariantInit.OLEAUT32(?), ref: 009D66B4
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D68B1
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: __EH_prolog3.LIBCMT ref: 009D44D9
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: SysFreeString.OLEAUT32(?), ref: 009D451B
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D6705
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3StringVariant$ClearInit
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CheckJob_2
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3730854496-4269496511
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: e24eb56906d39b6590eb237d45897b3a304024577f8627d9c1323a10274e9018
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 066ebed3012a935787755c66f5b1439fd7e81e2f8590b4ec2fd8623244bdca20
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: e24eb56906d39b6590eb237d45897b3a304024577f8627d9c1323a10274e9018
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F0A1F470D1121ADFDF15DFA8C984AAEBBB8BF48304F14816EE505EB261D734AE05CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D5835 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 224timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D583F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLocalTime.KERNEL32(?), ref: 009D5A06
                                                                                                                                                                                                                                                                                                                                                                                  • SystemTimeToFileTime.KERNEL32(?,?), ref: 009D5A17
                                                                                                                                                                                                                                                                                                                                                                                  • FileTimeToSystemTime.KERNEL32(?,?), ref: 009D5A49
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • PrepareOnceTriggerAfter_1, xrefs: 009D5863
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Time$FileSystem$H_prolog3_Local
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: PrepareOnceTriggerAfter_1
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1410837033-1411511048
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 658c34a914e7057f2097e1aec28ba08c8cb25f147611a8abed0898a6b168e0c2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 477f224f12b40586475165d68a1fe50fda9650715fb70fb6d47a7debba85e396
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 658c34a914e7057f2097e1aec28ba08c8cb25f147611a8abed0898a6b168e0c2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 28910771A106299FDB25DFA4CD84BEAB7B4BF48301F5081EAE409EB250DB359E85CF50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D0B06 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 205COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D0B0D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BBD08: __EH_prolog3.LIBCMT ref: 009BBD0F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLongPathNameW.KERNEL32(?,00000000,00000104), ref: 009D0C0B
                                                                                                                                                                                                                                                                                                                                                                                  • GetLongPathNameW.KERNEL32(?,00000000,00000104), ref: 009D0C3D
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009C6C10: __EH_prolog3.LIBCMT ref: 009C6C17
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$LongNamePath
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: \??\
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2835670015-3047946824
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bfe6789557d7756e6b26eb5fa63fad63f56f88dc2e0b28d192322baf9c9676ed
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 9b682bb27eb233ff6b1924bc837b8220e6b5289ae6d1334f780f1d975cbd57b2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bfe6789557d7756e6b26eb5fa63fad63f56f88dc2e0b28d192322baf9c9676ed
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 0771EF70A00259ABDF15E7B4CA56BFE7B7AAFC0314F144458F5126B2C2DE785E08C722
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D6902 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 183COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3_Task
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: AswUpdate_$DeleteAlreadyExecutedRestartJobs_1$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3105488015-3399114437
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f47c3040e799cca5d43d0fddd43b399492ff3460cd3824027ab95897cbb0a2b9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c4628a58c8657959b01b6899d203121563b83fb2c61759e4e260223f111e41b0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f47c3040e799cca5d43d0fddd43b399492ff3460cd3824027ab95897cbb0a2b9
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2071B970901629DFCB25DF64CD98BEAB7B4AF89305F0081E9E409AB361DB359E84CF51
                                                                                                                                                                                                                                                                                                                                                                                  Function 009DA2B2 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 139COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009DA2B9
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009E3C24: __EH_prolog3.LIBCMT ref: 009E3C2B
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: GetBestUpdateInfoFromXmlRoot$Unsupported node %s$condition$update
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-1832223370
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 12b836adb5d084eaa86abb7d47e2e173abdac21630ca050bb24696aff6db259d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: e04cbafed99ff306a377d17c1cb7ba32b52d3b7a73eaa5d7703a17ab0fe07dba
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 12b836adb5d084eaa86abb7d47e2e173abdac21630ca050bb24696aff6db259d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: A6518231D4020A9FCF14EBA4DA52AFEB775AF54314F60802AE502B72D1EB745E46CB52
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D466C Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 119COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D4673
                                                                                                                                                                                                                                                                                                                                                                                  • VariantInit.OLEAUT32(?), ref: 009D46CD
                                                                                                                                                                                                                                                                                                                                                                                  • VariantClear.OLEAUT32(?), ref: 009D478F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: __EH_prolog3.LIBCMT ref: 009D44D9
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D44D2: SysFreeString.OLEAUT32(?), ref: 009D451B
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D4719
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3StringVariant$ClearInit
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: StartJob_2
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3730854496-608322044
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f4ffc89ac04fa1aeae8130dda59eb7e1cff78deb010ff131e0ef18f2781b8654
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 25fd20ad14ee395ace47ccc5ad620921bfc560abcbcb3eb43aa69f118d1e1d3c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f4ffc89ac04fa1aeae8130dda59eb7e1cff78deb010ff131e0ef18f2781b8654
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 77412035C0021A9FDF01DBE8C948BEEBBB9BF49315F144059E401BB261DB74AA05CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D62B3 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 108COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009D62BA
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D6391
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CDE8A: __EH_prolog3.LIBCMT ref: 009CDE91
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D6357
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8BE5: SysAllocString.OLEAUT32(00000000), ref: 009D8BFE
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D8BE5: VariantClear.OLEAUT32 ref: 009D8C38
                                                                                                                                                                                                                                                                                                                                                                                  • SysFreeString.OLEAUT32(?), ref: 009D63CB
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: String$Free$H_prolog3$AllocClearVariant
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: UnregisterJob_2
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1337900646-2722036283
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1a742d3440cb026af47bce7a35b700d23d8d5689e28a6ae2c06773e4cc45335d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 8ac7e29990a574b5a7c6034f26561939bbe3223b48fa352a43d1a948820f4cee
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1a742d3440cb026af47bce7a35b700d23d8d5689e28a6ae2c06773e4cc45335d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1D415A30C10219EFDF05DB94C985BEEBBB5BF59314F248099E01177292CB796B04DB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C6841 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 96sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C6848
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,40000000,00000005,00000000,00000002,00000080,00000000), ref: 009C6920
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009C6928
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009C6942
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CreateErrorFileH_prolog3LastSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %s%hs
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 308772832-3961986361
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: f919475df1cca1afeeef4e6d4be7d0c1eb818b394bce93bf3fc8bfc32cc85862
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 87c8d0213ee3ec5063c11f86864ed90d908d005ff9b6d3efc34d1a7bf8b42f2c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: f919475df1cca1afeeef4e6d4be7d0c1eb818b394bce93bf3fc8bfc32cc85862
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8131E432900109ABDB14EFB8CE99FAD7B65EB05320F108258F625AB0E1DA31DE45C782
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C9CB4 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 91COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Active$Admin$EvaluateUserCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-1197752637
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 45071fa975ac98debbc089415fcd50d44bb09d9896ed994306ab78bd3f36681f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c94d523449eae45fb827e5cce10bbce126420156e46a658b4a5fc3ab4e22981e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 45071fa975ac98debbc089415fcd50d44bb09d9896ed994306ab78bd3f36681f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: E531A031D0524AAACF15EBA8C952BEEBB74AF11310F24445DF0527B2D2DB704B44C7A2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CEBA1 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 74memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • AttachConsole.KERNEL32(000000FF), ref: 009CEBDA
                                                                                                                                                                                                                                                                                                                                                                                  • AllocConsole.KERNEL32 ref: 009CEBE4
                                                                                                                                                                                                                                                                                                                                                                                  • SetConsoleCtrlHandler.KERNEL32(009CE653,00000001), ref: 009CEC3D
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Console$AllocAttachCtrlHandler
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CONIN$$CONOUT$
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2170783835-123850019
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 369cec508aad22c5cce8f40692e0e951561e0c2a169d3d2764fa993c0d23949a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: d3d4bd713a1e993fbe9fc679d11a282c8766ad54bd7f1fd8f0e56a4c93e8ad44
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 369cec508aad22c5cce8f40692e0e951561e0c2a169d3d2764fa993c0d23949a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 8621C630A403446AE715EBA6AF0AF993FDCEB45714F14801CFD5A960D2C7B498C1876B
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CA274 Relevance: 8.8, APIs: 1, Strings: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateIcarusCondition$W$false$true
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-4209670578
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1cdb0676dc69e7ebd668b5c926aca2ac6aa35e074e271673f504c0c2b67ead5a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3b71abe5b3ba3269935aebe984ca9beb8079d5c345453345e43f15d7c18a1f84
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1cdb0676dc69e7ebd668b5c926aca2ac6aa35e074e271673f504c0c2b67ead5a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 6E116D71D0465ADACF14EBA4DE51BEE7B70AF50324F24485DE462372D2EB345A04C727
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1F24E Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 42libraryloaderCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleExW.KERNEL32(00000000,mscoree.dll,00000000,11C5A2E7,00000001,?,00000000,00A339F0,000000FF,?,00A1F1DE,?,?,00A1F1B2,00000016), ref: 00A1F283
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000,CorExitProcess), ref: 00A1F295
                                                                                                                                                                                                                                                                                                                                                                                  • FreeLibrary.KERNEL32(00000000,?,00000000,00A339F0,000000FF,?,00A1F1DE,?,?,00A1F1B2,00000016), ref: 00A1F2B7
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressFreeHandleLibraryModuleProc
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: CorExitProcess$mscoree.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 4061214504-1276376045
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4c1e4805df47b34de1ec1a3af3ded33e8bbae3193c7b1b0cb08b856dc9ec65e0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a061e09c2891856766a389abb573b29f12584e05bc0a2765786f8eb6a852581a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4c1e4805df47b34de1ec1a3af3ded33e8bbae3193c7b1b0cb08b856dc9ec65e0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4401A232944659EFCB01CF94DC06BEEBBB8FB08B15F010626FC21A2290DB74A941CA80
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C66D5 Relevance: 7.6, APIs: 5, Instructions: 76sleepfileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C66DC
                                                                                                                                                                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(0000FDE9,00000000,?,00000000,00000000,00000104,00000104,00000008), ref: 009C673A
                                                                                                                                                                                                                                                                                                                                                                                  • CreateFileW.KERNEL32(?,?,00000005,00000000,?,00000080,00000000), ref: 009C676F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 009C6777
                                                                                                                                                                                                                                                                                                                                                                                  • Sleep.KERNEL32(000000C8), ref: 009C6791
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ByteCharCreateErrorFileH_prolog3LastMultiSleepWide
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 302077248-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4aacc50448df19fc25601bb1531ff9b9ebe94ea3f2752b8001b1151c6d0ca51b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 304a98af4dd497532f5e3ab2701e344bfa83f3242787d14a9a1d5b8ac7949f02
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4aacc50448df19fc25601bb1531ff9b9ebe94ea3f2752b8001b1151c6d0ca51b
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 3B21C275A00315ABDB109BA4DD89FEE37A5AF84324F104A18F926AB2D1DA346D048B21
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C909F Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 132COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C90A6
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CBBAB: __EH_prolog3.LIBCMT ref: 009CBBB2
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ERR$EvaluateGeoCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-2542040124
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 39d288e1e3df3dc656d9e93d9f89ae8fb64084403c57b7296d7fee5e702b4c60
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 96adef4288ef40b211da5b2609b2178ea66838725065fa00b816667488be5237
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 39d288e1e3df3dc656d9e93d9f89ae8fb64084403c57b7296d7fee5e702b4c60
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AA514B31C04159DBDB04EBA4CA9AFFEB778AF50314F584458E522B71C2DB785E48CBA2
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D440F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 71memoryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • %04u-%02u-%02uT%02u:%02u:%02uZ, xrefs: 009D447E
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: String$AllocFreeH_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %04u-%02u-%02uT%02u:%02u:%02uZ
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1289132702-3000309843
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 52983a82f54908126cc1cbf0d0d489cfb15bfe17bd769d93fc7aa4582fa1ba34
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ca09696fce50a071ccf2975ed0d9126065d54eafd932c8b54bc686aa702dbef5
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 52983a82f54908126cc1cbf0d0d489cfb15bfe17bd769d93fc7aa4582fa1ba34
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D9219F72940209EBCF15EFA4E981ADD7BF9EF08320B20C116F515AA291CB349590CB95
                                                                                                                                                                                                                                                                                                                                                                                  Function 009B8680 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 71libraryloaderCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleHandleW.KERNEL32(ntdll.dll,RtlDllShutdownInProgress,009F0DD7,00000101,?), ref: 009B86FA
                                                                                                                                                                                                                                                                                                                                                                                  • GetProcAddress.KERNEL32(00000000), ref: 009B8701
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AddressHandleModuleProc
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: RtlDllShutdownInProgress$ntdll.dll
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1646373207-582119455
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c173252e8d3e042b805e671520e1a80546876d775f961f3400eb9ee112bd82a2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 199a2015c9affa360332afea48e9bb230b7b9d008b9e2e0cd549288062cc9cd9
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c173252e8d3e042b805e671520e1a80546876d775f961f3400eb9ee112bd82a2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: D3012833905A41DFCB119B74BA055A2772CFA5B3317154A99E810FB5E1CF216807D650
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A0A762 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 27libraryCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • LoadLibraryExW.KERNEL32(00000000,00000000,00000800,?,00A0A713,00000000,?,00A70AF8,?,?,?,00A0A8B6,00000004,InitializeCriticalSectionEx,00A53724,InitializeCriticalSectionEx), ref: 00A0A76F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00A0A713,00000000,?,00A70AF8,?,?,?,00A0A8B6,00000004,InitializeCriticalSectionEx,00A53724,InitializeCriticalSectionEx,00000000,?,00A0A66D), ref: 00A0A779
                                                                                                                                                                                                                                                                                                                                                                                  • LoadLibraryExW.KERNEL32(00000000,00000000,00000000), ref: 00A0A7A1
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: LibraryLoad$ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: api-ms-
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3177248105-2084034818
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 0c79cbc5f16b7f842b4a824f3c5baf52b7e399670c5cd031ee7e4eaf51af4ee0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: b62a6938bf913dbcb69d55b802b59fd40514fde413997ab6b8445175aded0944
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 0c79cbc5f16b7f842b4a824f3c5baf52b7e399670c5cd031ee7e4eaf51af4ee0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1FE04F30680308BBEF201BE1FC06B593E68ABB1B41F108030FA0CE80E1E771A96185C5
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A140D1 Relevance: 6.3, APIs: 4, Instructions: 338fileCOMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetConsoleOutputCP.KERNEL32(11C5A2E7,00000000,00000000,?), ref: 00A14134
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A22FC3: WideCharToMultiByte.KERNEL32(00000000,00000000,00000000,00000000,?,00000000,?,0000FDE9,00000000,-00000008,00000000,?,00A2552D,?,00000000,-00000008), ref: 00A2306F
                                                                                                                                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,?,00000000,?,00000000), ref: 00A1438F
                                                                                                                                                                                                                                                                                                                                                                                  • WriteFile.KERNEL32(?,?,00000001,?,00000000), ref: 00A143D7
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32 ref: 00A1447A
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FileWrite$ByteCharConsoleErrorLastMultiOutputWide
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2112829910-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 8a2500d94b525410c940e3a981f8b56f8996b40b8b49061f1074b6cc5177951e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 89225910ae57a95612b2baac8fb174a087c4d3fd5f703dd323204c0a7b557017
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 8a2500d94b525410c940e3a981f8b56f8996b40b8b49061f1074b6cc5177951e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 5AD149B5D002589FCB15CFE8D880AEDBBB4FF49314F18856AE965EB351D730A982CB50
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A097A0 Relevance: 6.2, APIs: 4, Instructions: 168COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: AdjustPointer
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1740715915-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 58d8534dd76ee924183c0f97998ba3d461681a188114fe2b36939b1614ea8a72
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 34a6dab5dd50730e179f0c3286327d6aec3e7343a4743a9dcb815d6bf10d58b8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 58d8534dd76ee924183c0f97998ba3d461681a188114fe2b36939b1614ea8a72
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 4751D172A0160AAFEB258F15E941BAB73B4EF45710F14852DE805873D3E731EC88CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1D7CE Relevance: 6.1, APIs: 4, Instructions: 132COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID:
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 28c89b02fe76be94d73a7468a1d4773612d14a49025e216f9d726df9d3cbf30e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: c396dac26cf17ea2da0af06e53cb9b8f17e2828b329e7992a526a65ef2cd159e
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 28c89b02fe76be94d73a7468a1d4773612d14a49025e216f9d726df9d3cbf30e
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 52410971A00718AFD724AF78DD41B9ABBA9EB84710F10452DF155DB7C1D371E9818790
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E21D6 Relevance: 6.1, APIs: 4, Instructions: 62registryCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • RegOpenKeyExW.ADVAPI32(00000000,00000100,?), ref: 009E2200
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,00000000,00000004,00A725CC,00000004), ref: 009E223A
                                                                                                                                                                                                                                                                                                                                                                                  • RegSetValueExW.ADVAPI32(?,00000000,00000004,00A725D0,00000004), ref: 009E224D
                                                                                                                                                                                                                                                                                                                                                                                  • RegCloseKey.ADVAPI32(?), ref: 009E226D
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Value$CloseOpen
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3241186055-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c770e26d4ced081811fa050ae9a8c82f639e2125a07d2cfd8240446258cee24f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 909e30388035a23e97b5027c884161dfdbe1b0edb44dc6af6d6c0e7e16ce7347
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c770e26d4ced081811fa050ae9a8c82f639e2125a07d2cfd8240446258cee24f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C311BF32A00148FFDB1ACFE5EC94E5ABB7DFB89350710806AF20893220D7355D82EB50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F73D0 Relevance: 6.1, APIs: 4, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ___std_exception_copy.LIBVCRUNTIME ref: 009F7423
                                                                                                                                                                                                                                                                                                                                                                                  • ___std_exception_destroy.LIBVCRUNTIME ref: 009F743D
                                                                                                                                                                                                                                                                                                                                                                                  • ___std_exception_copy.LIBVCRUNTIME ref: 009F7447
                                                                                                                                                                                                                                                                                                                                                                                  • ___std_exception_destroy.LIBVCRUNTIME ref: 009F7461
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ___std_exception_copy___std_exception_destroy
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2970364248-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a8e1164dc74bc4362ffda7e45286d7d21ddec3c6083e07a1ce458ef649917dfc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 1b011faaa6b97884b5a0447df268cfb9cb757eb5cb4e002b76ebc2dc7af7a5f4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a8e1164dc74bc4362ffda7e45286d7d21ddec3c6083e07a1ce458ef649917dfc
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 871151B2C0425DABCB00DF94D945BDEFBF8EB09314F10422AE915A3280EB756604CBD1
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A230FE Relevance: 6.0, APIs: 4, Instructions: 27COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • ReadConsoleInputW.KERNEL32(?,?,?,00000000,?,00A10F8E,?,00000001,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface), ref: 00A23113
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00A10F8E,?,00000001,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A2311F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A23196: CloseHandle.KERNEL32(FFFFFFFE,00A230C4,?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A231A6
                                                                                                                                                                                                                                                                                                                                                                                  • ___initconin.LIBCMT ref: 00A2312F
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A2307A: CreateFileW.KERNEL32(CONIN$,C0000000,00000003,00000000,00000003,00000000,00000000,00A230EF,00A10F58,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface), ref: 00A2308D
                                                                                                                                                                                                                                                                                                                                                                                  • ReadConsoleInputW.KERNEL32(?,?,?,?,00A10F8E,?,00000001,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A23143
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ConsoleInputRead$CloseCreateErrorFileHandleLast___initconin
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 838051604-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c377cf24a9f6b40b00b5bfbdc7f915ff770547abab957c30fb5ddcec3298ba85
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 22bfd92fa81b992b0e54c4e1207396f8a45641854f683cf80b5d1f5b3eb2f459
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c377cf24a9f6b40b00b5bfbdc7f915ff770547abab957c30fb5ddcec3298ba85
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B0F0C03B404125BF8F625FE9FC0989E7F26FF097617058120FE1996131CB3699629B90
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A23099 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetConsoleMode.KERNEL32(?,00000000,?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A230A8
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A230B4
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A23196: CloseHandle.KERNEL32(FFFFFFFE,00A230C4,?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A231A6
                                                                                                                                                                                                                                                                                                                                                                                  • ___initconin.LIBCMT ref: 00A230C4
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A2307A: CreateFileW.KERNEL32(CONIN$,C0000000,00000003,00000000,00000003,00000000,00000000,00A230EF,00A10F58,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface), ref: 00A2308D
                                                                                                                                                                                                                                                                                                                                                                                  • GetConsoleMode.KERNEL32(?,?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A230D2
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ConsoleMode$CloseCreateErrorFileHandleLast___initconin
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3067319862-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: bd6076cde0e219273845e5bac3e7eaccdbf787027bda949fb67cbd2a03e37ca5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 69fdd6aa130bd132ceedf9f9fb0a427b798c9628a5049f09e63797d9f069bba8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: bd6076cde0e219273845e5bac3e7eaccdbf787027bda949fb67cbd2a03e37ca5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 13E0BF375041256B8F616BEAFD0849A7EA5EB493A17014130F90AA2221DA259D5397A1
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A23150 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • SetConsoleMode.KERNEL32(?,00000000,?,00A10F75,00000000,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A2315F
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,00A10F75,00000000,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A2316B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A23196: CloseHandle.KERNEL32(FFFFFFFE,00A230C4,?,00A10F6D,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A231A6
                                                                                                                                                                                                                                                                                                                                                                                  • ___initconin.LIBCMT ref: 00A2317B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A2307A: CreateFileW.KERNEL32(CONIN$,C0000000,00000003,00000000,00000003,00000000,00000000,00A230EF,00A10F58,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface), ref: 00A2308D
                                                                                                                                                                                                                                                                                                                                                                                  • SetConsoleMode.KERNEL32(?,?,00A10F75,00000000,?,00A6BDD0,00000038,00A10F08,00A6BDB0,0000000C,009BBC89,FreeSchedulerInterface,?), ref: 00A23189
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ConsoleMode$CloseCreateErrorFileHandleLast___initconin
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3067319862-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a67dd80b4f4e5ae625b8e81a74ea0004f50e4c21e93ac3338ad41efef224bceb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 16ba19660d8a2d03356a8027182e0448ea96d975651598cb8fa0ec9373f0dfa4
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a67dd80b4f4e5ae625b8e81a74ea0004f50e4c21e93ac3338ad41efef224bceb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 93E09A3B5042256B8F756BE9BD0C49E3E69EB493B17010230FD0A92231DA259DA296E1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C8C8C Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 314COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009C8C93
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB1E0: __EH_prolog3.LIBCMT ref: 009CB1E7
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CF2EA: __EH_prolog3_GS.LIBCMT ref: 009CF2F4
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CF2EA: ExpandEnvironmentStringsW.KERNEL32(?,00000000,00000000), ref: 009CF55E
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CF2EA: GetLastError.KERNEL32(?,00000000,00000000), ref: 009CF56E
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB04E: __EH_prolog3.LIBCMT ref: 009CB055
                                                                                                                                                                                                                                                                                                                                                                                  • GetPrivateProfileStringW.KERNEL32(00A5B8D8,00A5B8E8,?,00000000,00007FFF,00A5B908), ref: 009C8FB5
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3$EnvironmentErrorExpandH_prolog3_LastPrivateProfileStringStrings
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateIniCondition
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2470909528-4286620915
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 80e2bfccce26a36bf5bb8a5b12d11faba9e6069bfd03ae378239870919c91e69
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: ddac0937c1a74f4ebc0bc52eb078c12b106fcbba3168afbdec3b66e304257f8a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 80e2bfccce26a36bf5bb8a5b12d11faba9e6069bfd03ae378239870919c91e69
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C2D15831C01189EACF05EBE4CA96BEEBB79AF60324F14405CE112771D2EB345B49CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E85D0 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 259COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A05079: std::invalid_argument::invalid_argument.LIBCONCRT ref: 00A05085
                                                                                                                                                                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMT ref: 009E8703
                                                                                                                                                                                                                                                                                                                                                                                  • Concurrency::cancel_current_task.LIBCPMT ref: 009E8829
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Concurrency::cancel_current_task$std::invalid_argument::invalid_argument
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: vector too long
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3322433199-2873823879
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 444a2b385e1a8d6393f73bbe7c96e4e024c8a30f3ba4987a6d9714b8dc7fb2c2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 2c95bb347b8ff7f5eb40e8478e72a3ca0f9c627c1bf4363ecf841164dbec7a9b
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 444a2b385e1a8d6393f73bbe7c96e4e024c8a30f3ba4987a6d9714b8dc7fb2c2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 67712772A001049FDB06DFB9DD8596FB7A9EF84310B294368EC199B385EE31ED41CB91
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D29E5 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 242COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3_GS.LIBCMT ref: 009D29EF
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009CB1E0: __EH_prolog3.LIBCMT ref: 009CB1E7
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %04u - %02u - %02u T %02u : %02u : %02u $PYDTHMS
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3355343447-203387392
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d89e34e525b71bec9aa35b5f47d8a83c4b5db564535527f3f4a4cfd2e566ed6d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 3cb75abbca8b496e6531a193af3d7a10e55bbe2e67392c5b2154b19090bcade3
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d89e34e525b71bec9aa35b5f47d8a83c4b5db564535527f3f4a4cfd2e566ed6d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: DD916072D402189FCF14DFE8CA81BEDB7B9BF54310F24826AE515AB281EB749E45CB50
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C89C5 Relevance: 5.5, APIs: 1, Strings: 2, Instructions: 202COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %I64u$EvaluateRemoteCondition
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-3279197903
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 4000a893a2735f2c68d26e67e33532be28c51ba2bf9b2f6dd6135559b42b0cf0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 222ca7b20f4080e7a11e2ddf4d970d7b0485ff075c86aa4c70ebec62c10f714c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 4000a893a2735f2c68d26e67e33532be28c51ba2bf9b2f6dd6135559b42b0cf0
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B381BE70C0024CDBDF11EBE4CA95BEEBBB9BF40314F20855CE0166B292DB755A49CB62
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C82B4 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 182COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateResVersionCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-2682256287
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ed98b8e2a9cd44cda3fdcf78dbf759452fa74fb2f49e72d3d56a644c0c9408f2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 60c12a6118fbca397edc78aba7706e59c61623e24f9656b8bed92d59b0c52c1f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ed98b8e2a9cd44cda3fdcf78dbf759452fa74fb2f49e72d3d56a644c0c9408f2
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: B4818870D01289CBDF14DFA4C995BEDBBB5BF54304F2080ADE415AB292EB715A48CF12
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1E5D8 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144COMMONLIBRARYCODE
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • IsProcessorFeaturePresent.KERNEL32(00000017,00A0AA72,?,00A0A9E1,00000001,00000016,00A0ABF0,?,?,?,?,?,00000000,00000001,?), ref: 00A1E5F4
                                                                                                                                                                                                                                                                                                                                                                                  • GetModuleFileNameW.KERNEL32(00000000,C:\Program Files\CCleaner\CCUpdate.exe,00000104,?,00000001,00000001,00000001,00000016,00A0ABF0,?,?,?,?,?,00000000,00000001), ref: 00A1E663
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FeatureFileModuleNamePresentProcessor
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: C:\Program Files\CCleaner\CCUpdate.exe
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1195332949-1899485027
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d3802e86019cb46cf3bacbab4293a158d576d2a1d39c430f28a4f34993200d3a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: fbc063c02afbab4a095c02e6e24f5b828c18aac0eeec5b99080ff8c18f013f00
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d3802e86019cb46cf3bacbab4293a158d576d2a1d39c430f28a4f34993200d3a
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1F410971A40324EBEB21EF989D81EDEBBB9EF54750F144076FD0897281D6708E818B90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E8280 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 123COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • invalid hex_char_value<char>, xrefs: 009E83C3
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: __aulldiv__aullrem
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: invalid hex_char_value<char>
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3839614884-1974215820
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 85012114d30e11b59a15e1395ae086cb0278c3d4a41cf18b9c2b729163d724e1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 10b479a36a7617423eb78f35e33adc1dda65ff651e3c65da9111ae13d68070b2
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 85012114d30e11b59a15e1395ae086cb0278c3d4a41cf18b9c2b729163d724e1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 30413470A00244AFD705CFAAC895BEFF7B9FF44B00F108159E419AB281DB75AD44CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CA0F0 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 104COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateBuildCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-190751726
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cbd1a3b0e3142b7bf3702d2b2aa9157bd99a3ef1349711a27194409b700b86f5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a4cd8cc57b07ff9b55fc9f153311bf513e8c077d8ebc2ec3b99c8a45c57b8016
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cbd1a3b0e3142b7bf3702d2b2aa9157bd99a3ef1349711a27194409b700b86f5
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: C94122B0D0439C8ADF14DFE4D985BEDBBB4BF54309F20441DE419AB281EBB54A48CB56
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CA336 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateFmtVersionCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-287813681
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: c1b59ddab5e24772b656a60b2651c14da4726487593ec482d55d7cf66adddba6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7bdb09a998e45c3e60e463fd2ac38e58a2b1d571e07c7a724431683b8b246a99
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: c1b59ddab5e24772b656a60b2651c14da4726487593ec482d55d7cf66adddba6
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 193102B1D0025C9BCB14EFD4C849A9DBBB0BF18319F504519E819BB261D7B04A49CF92
                                                                                                                                                                                                                                                                                                                                                                                  Function 009C77C1 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3_
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: EvaluateVersionCondition$W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2427045233-1080545126
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: cce696ad9e076be08af3d2c9b88039ac8418944834afd566027adefe5d6a988c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 27bf1c9c08b738f5511e506e60ca1270d61b289b948f51ee536423d3588b28f1
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: cce696ad9e076be08af3d2c9b88039ac8418944834afd566027adefe5d6a988c
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 843100B1D042589BCB14DFE4D889B9DBBF1BF18315F20461EE919AB251D3B40A49CF92
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E0A68 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 64COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: install2$operation_c
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-1966482546
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: d48eebcf9d5c1e575c36aaef94006a31f25f1a86192d090ce18fb16327389cbb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: a95ae7ddfcf8d1cc940d06237b4424f221008fa30eb8b5259c8cdf470b47709d
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: d48eebcf9d5c1e575c36aaef94006a31f25f1a86192d090ce18fb16327389cbb
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 43216D30A0024F9BCF05EBA4DA52AFEB374BF51314F600528E122A71D1EF749E48CB60
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E24C9 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 60fileCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • __EH_prolog3.LIBCMT ref: 009E24D0
                                                                                                                                                                                                                                                                                                                                                                                  • DeleteFileW.KERNEL32(00000000,?,00000024,009DAE50), ref: 009E24F1
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • Reboot reason imm orphan: %s, xrefs: 009E2509
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: DeleteFileH_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: Reboot reason imm orphan: %s
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1724573611-1196261955
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: ddccb818ad6096058d8deda92f037ce60c5717f83edf2e125fb8e4e9a69d23b1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 210219dbfb4253bf871a660a1357e0b3871c38a7830a9f3d9a54cb76096dbc9a
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: ddccb818ad6096058d8deda92f037ce60c5717f83edf2e125fb8e4e9a69d23b1
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 37110A319042909FDB26EB29D564768B7F96F44354F1C859CF8565B2D2CF71EC41C740
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E09A9 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: install2$operation_c
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-1966482546
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 935d13f7b41373e47866dacf2ad407ce89b1d5c8b8c2d2d4c406dd63ae658021
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: f4d00b5c153b8147fc429a88c4c82c55c800aacea94dcb6f3efb4dbbcecd83fc
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 935d13f7b41373e47866dacf2ad407ce89b1d5c8b8c2d2d4c406dd63ae658021
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: F6113D3090024E9BCF05EBA4DA929FEB774BF54321B100529F222A71D1EF749A44CB61
                                                                                                                                                                                                                                                                                                                                                                                  Function 009E43D7 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 56COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetFullPathNameW.KERNEL32(?,00000104,?,00000000), ref: 009E43F2
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BC04F: CreateFileW.KERNELBASE(?,80000000,00000001,00000000,00000003,00000080,00000000), ref: 009BC079
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BC04F: GetLastError.KERNEL32 ref: 009BC081
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BC04F: Sleep.KERNEL32(000000C8), ref: 009BC09B
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009BC04F: GetLastError.KERNEL32 ref: 009BC0AC
                                                                                                                                                                                                                                                                                                                                                                                  • CloseHandle.KERNEL32(000000FF), ref: 009E445F
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ErrorLast$CloseCreateFileFullHandleNamePathSleep
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: W
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 2336519704-655174618
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 1b2e68b86c1ad4a6da7afcb3e1ea5a7013f87bbe92250b7560ec41c471bb5874
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7daf50e857981179221da99ae143a0c26982702b2c0c70f7d3a76264af5995a8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 1b2e68b86c1ad4a6da7afcb3e1ea5a7013f87bbe92250b7560ec41c471bb5874
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9C216D30801169EBDB21DBA9DD4C7ECB7B4AF14324F2442D8A029A21E1DB345F85CF15
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D6239 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 38COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: FreeH_prolog3String
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: UnregisterJob_1
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3825424854-993504129
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: a9a63241da79247d3f41805f85465dce912d263eac3edbc1549fd2ab31056b46
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 696140b6b55b7d33ccb2ed2ed9124ed1856f9029d8b18c2f719b3111688e1294
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: a9a63241da79247d3f41805f85465dce912d263eac3edbc1549fd2ab31056b46
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 1B018F3091021ADBCF05EB98CD8ABAEB774BF44315F504459E011772A1DB746E05DB21
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A1CA38 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 34timeCOMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • GetSystemTimeAsFileTime.KERNEL32(00000000,000003E8,000003E8,?,009DAC24,00000000,?,00000074,00000000,?,?,ApplyXmlUpdate,?,000003A4,009E42D5,?), ref: 00A1CA4B
                                                                                                                                                                                                                                                                                                                                                                                  • __ehfuncinfo$??2@YAPAXIABUnothrow_t@std@@@Z.LIBCMT ref: 00A1CA7C
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: Time$FileSystemUnothrow_t@std@@@__ehfuncinfo$??2@
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: $KL
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1518329722-2900536411
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7ca3dfc91b4352a0bfc5632450592cc54d6bda55ef56e443c11fd1d681e4f53d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 7c8892ebd5d3f4813e936d6f11a319fec67a4b64c28f8183a5b07ffc986f732f
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7ca3dfc91b4352a0bfc5632450592cc54d6bda55ef56e443c11fd1d681e4f53d
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 31F0B4756512086BDB15CBA8C806BAD7AAAFF80375F244658A402E2290D674EF808614
                                                                                                                                                                                                                                                                                                                                                                                  Function 009CE653 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 33COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: H_prolog3
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: %hs START$ConsoleHandlerRoutine
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 431132790-2588116265
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: b677d600abd0213e63064f6ce4b03f890eae5d62dfe0bb75f9a2af06f1bfe926
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 46cce0208bd5dc2e3a69c164da06f958760d107d0189242a7f04be6ad310a37c
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: b677d600abd0213e63064f6ce4b03f890eae5d62dfe0bb75f9a2af06f1bfe926
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 9201AFB1D10209DFDB05DFA8DA4ABBEB770FB00320F004529E4516B2C1CB759A05CB85
                                                                                                                                                                                                                                                                                                                                                                                  Function 00A05B8D Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 22COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D9C42: InitializeCriticalSectionEx.KERNEL32(?,00000000,00000000,11C5A2E7,?,?,00A2C680,000000FF), ref: 009D9C6A
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 009D9C42: GetLastError.KERNEL32(?,00000000,00000000,11C5A2E7,?,?,00A2C680,000000FF), ref: 009D9C74
                                                                                                                                                                                                                                                                                                                                                                                  • IsDebuggerPresent.KERNEL32(?,?,?,009B896E), ref: 00A05BC0
                                                                                                                                                                                                                                                                                                                                                                                  • OutputDebugStringW.KERNEL32(ERROR : Unable to initialize critical section in CAtlBaseModule,?,?,?,009B896E), ref: 00A05BCF
                                                                                                                                                                                                                                                                                                                                                                                  Strings
                                                                                                                                                                                                                                                                                                                                                                                  • ERROR : Unable to initialize critical section in CAtlBaseModule, xrefs: 00A05BCA
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalDebugDebuggerErrorInitializeLastOutputPresentSectionString
                                                                                                                                                                                                                                                                                                                                                                                  • String ID: ERROR : Unable to initialize critical section in CAtlBaseModule
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3511171328-631824599
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 51597717599afcdc05ba59f735b3234ffb158fe397431c22b0914e73fa39cc5f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6ba2289a89fe0d17051e25c0f4c0f69d151e876a8dde9ed71bcbcd2c39eac270
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 51597717599afcdc05ba59f735b3234ffb158fe397431c22b0914e73fa39cc5f
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 91E06D70600B018BD330AFB9E9187477BE8AB06755F00881DE88AC6680F7B4F449CFA1
                                                                                                                                                                                                                                                                                                                                                                                  Function 009F58E0 Relevance: 5.3, APIs: 4, Instructions: 252COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,11C5A2E7,?,?,00000000), ref: 009F5960
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?), ref: 009F59D7
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?,?,00000000,?,?,?,?,?,?), ref: 009F5B25
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?), ref: 009F5B49
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 6bfb0abc32f09b6e51fcd137b9a90e842731e8f660d4f1bd96fefe39c1a9b659
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 6ac3e74a577df73e9454dfc0ba42b48ff26f1357a25db6da03af3b051b961ae8
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 6bfb0abc32f09b6e51fcd137b9a90e842731e8f660d4f1bd96fefe39c1a9b659
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 60918375A00609DFCB14CFA8C8847ADBBB9FF88320F158259EA159B385DB74AD45CF90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009FF760 Relevance: 5.1, APIs: 4, Instructions: 136COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A00670: WaitForSingleObject.KERNEL32(?,000000FF,?,00A004C7,?,?,?,00000000,?,?,00A00357,?,?,FFFFFFFF,?,009FFE34), ref: 00A00678
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A00600: SetEvent.KERNEL32(00A00370,?,00A00370,?,FFFFFFFF,?,?,?,?,?,?), ref: 00A00608
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 009FF7D1
                                                                                                                                                                                                                                                                                                                                                                                  • EnterCriticalSection.KERNEL32(?), ref: 009FF7DE
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 009FF800
                                                                                                                                                                                                                                                                                                                                                                                  • LeaveCriticalSection.KERNEL32(?), ref: 009FF807
                                                                                                                                                                                                                                                                                                                                                                                    • Part of subcall function 00A006C0: ReleaseSemaphore.KERNEL32(?,00000001,00000000,?,00A004BF,?,?,00000000,?,?,00A00357,?,?,FFFFFFFF,?,009FFE34), ref: 00A006CC
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: CriticalSection$EnterLeave$EventObjectReleaseSemaphoreSingleWait
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 3648152314-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 89c7bd79c3770de0bf0ae081142baa0fa4772e0d818ccbef16bf0ea719880d34
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 4f3182adbf084d8d8c3ff36348853cdcc536e938e10cfd9af94d290919f593fa
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 89c7bd79c3770de0bf0ae081142baa0fa4772e0d818ccbef16bf0ea719880d34
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: AE51A171900608DFCB10DF64D884BEAB7FAFF88304F044579E94A8B616D731BA55CB90
                                                                                                                                                                                                                                                                                                                                                                                  Function 009D32BB Relevance: 5.1, APIs: 4, Instructions: 85COMMON
                                                                                                                                                                                                                                                                                                                                                                                  Download Yara Rule
                                                                                                                                                                                                                                                                                                                                                                                  APIs
                                                                                                                                                                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,?,?,?), ref: 009D3301
                                                                                                                                                                                                                                                                                                                                                                                  • GetLastError.KERNEL32(?,?), ref: 009D3312
                                                                                                                                                                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,?,00000000,00000000,?,?), ref: 009D332A
                                                                                                                                                                                                                                                                                                                                                                                  • MultiByteToWideChar.KERNEL32(?,00000000,?,?,?,00000000,?,?), ref: 009D334E
                                                                                                                                                                                                                                                                                                                                                                                  Memory Dump Source
                                                                                                                                                                                                                                                                                                                                                                                  • Source File: 00000007.00000002.2686106801.00000000009B1000.00000020.00000001.01000000.00000018.sdmp, Offset: 009B0000, based on PE: true
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2685599465.00000000009B0000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687185247.0000000000A34000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687270469.0000000000A6F000.00000004.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  • Associated: 00000007.00000002.2687416147.0000000000A73000.00000002.00000001.01000000.00000018.sdmpDownload File
                                                                                                                                                                                                                                                                                                                                                                                  Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                                                                                  • Snapshot File: hcaresult_7_2_9b0000_CCUpdate.jbxd
                                                                                                                                                                                                                                                                                                                                                                                  Similarity
                                                                                                                                                                                                                                                                                                                                                                                  • API ID: ByteCharMultiWide$ErrorLast
                                                                                                                                                                                                                                                                                                                                                                                  • String ID:
                                                                                                                                                                                                                                                                                                                                                                                  • API String ID: 1717984340-0
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode ID: 7cacc6ac41d5772645dea3dfd931dee83ab379eba848a91e683689786f147882
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction ID: 99661eb757fc8dc8ac4f89195329808dbcda34f53b3308692d00a863a10624fb
                                                                                                                                                                                                                                                                                                                                                                                  • Opcode Fuzzy Hash: 7cacc6ac41d5772645dea3dfd931dee83ab379eba848a91e683689786f147882
                                                                                                                                                                                                                                                                                                                                                                                  • Instruction Fuzzy Hash: 2C212E72240206BFDB045FA4EC85EBBBBADEF49365B24C12BF505D6250DB71AE0187A0